Meraki Vulnerabilities


Meraki Vulnerabilities

While browsing through the Meraki dashboard i've noticed some vulnerabilities that apply to several of the networks managed by us (MSP). When checking the affected components it appears they already run on a firmware that is no longer affected by the vulnerabilities.


For this reason i've decided to open a case to ask for additional information:

1) Which specific devices have been affected by the vulnerability.

2) For how long have these devices been affected (start/end date)

To my suprise the response was that this information is not accessible for Meraki employees. 


This means we now need to inform our customers that they might have been victim to a data breach (GDPR), and have no way providing crucial information that helps determining the impact. 

I'm wondering how others are handling these 'events' when critical information is not accessible.

I've also noticed there's no way on accessing vulnerability updates by API or subscribing to a mail alert. There must be a more efficiënt way to be notified about vulnerabilities then opening the dashboard. Any tips here would also be welcome.

Kind of a big deal

Re: Meraki Vulnerabilities

The only way I've seen vulnerabilities is because I got an email about them, and/or at the top of the screen, click on 'Announcements' and you can see them there.
Nolan Herring |
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.