New Cisco StarOS vulnerability with Meraki listed?

Aaron_Wilson
A model citizen

New Cisco StarOS vulnerability with Meraki listed?

Having some trouble finding any good info on this:

 

https://threatpost.com/critical-cisco-staros-bug-root-access-debug-mode/177832/

 

A few other articles all list Meraki MX as being affected, but none of the Cisco documents list Meraki. It's also not clear if this is a bug directly with the MX, or if you must be running FTD in order to gain access to the MX.

 

Anyone seen or heard anything further? I know its hot off the press....

6 REPLIES 6
CptnCrnch
Kind of a big deal
Kind of a big deal

Strictly speaking, the StarOS bug doesn't affect Meraki or FTD at all. It's "only" the Snort / IPS preprocessor for Modbus. As far as I know, that's not even active on Meraki MX.

 

Therefore I don't even know why this one is mentioned in this article.

Highly confusing...lol

DarrenOC
Kind of a big deal
Kind of a big deal

There's no mention of Meraki within the Cisco advisory:

 

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rcm-vuls-7cS3Nuq#fs

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
DarrenOC
Kind of a big deal
Kind of a big deal

There is however another Snort related vulnerability which does affect MX's

 

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

Well, like we all know that InfoSec and IT leadership reads these articles then asks many question 😉

 

So the questions are:

1) Why are news articles mentioning Meraki when discussing the StarOS issues

2) Is it truly only related to SNORT/IDS?

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels