Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
214
Views
2
Helpful
3
Replies

CSCvx64514 - Cisco IOS XE Software for Cisco Catalyst Switches Informa

Go to solution
Ernesto.Avila
Level 1
Level 1

‎04-29-2024 12:23 PM

Regarding this bug, Does the password-recovery disable feature should be disabled in order to exploit this vulnerability?

Determine Whether the Password-Recovery Disable Feature is Enabled

To determine whether the password-recovery disable feature is enabled, log in to the device and use the show romvar | include SWITCH_DISABLE_PASSWORD_RECOVERY CLI command. The following example shows the output of a device that has the password-recovery disable feature enabled (SWITCH_DISABLE_PASSWORD_RECOVERY value is "1"):

Switch# show romvar | include SWITCH_DISABLE_PASSWORD_RECOVERY
SWITCH_DISABLE_PASSWORD_RECOVERY="1"

If the value is "0" or the SWITCH_DISABLE_PASSWORD_RECOVERY is not shown in the show romvar CLI command, the password-recovery disable feature is not enabled.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎04-29-2024 03:37 PM

It should be set to 0.

View solution in original post

3 Replies 3

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎04-29-2024 03:37 PM

It should be set to 0.

Go to solution
networkopwest
Level 1
Level 1

‎05-01-2024 12:09 AM

How to set 0, appreciate if you can provide the CLI to set 0

 

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to networkopwest

‎05-01-2024 04:29 AM 

conf t
 no system ignore startupconfig switch all
end
wr
Customers Also Viewed These Support Documents