Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
766
Views
11
Helpful
1
Replies

IOS Software Checker -v- Security notifications

oloneb
Level 1
Level 1

‎09-12-2017 02:22 AM

Can you please advise if the IOS software checker should be the default source for affected versions? In the notifications there are bug ID's noted but often the information in these do not match the output of the software checker. So do we assume that the bug ID's are the only ones that have currently been reported and aassociated to the PSIRT but the Software Checker identifies all versions affected irrespective if a bug has been reported against that product / version?

1 Reply 1

Omar Santos
Cisco Employee
Cisco Employee

‎09-12-2017 09:11 AM

Hi Oloneb,

Yes. The IOS Software Checker integration is the main source of version information. Only IOS and IOS-XE are currently supported and Cisco is planning to supporting other platforms in the future. You can use the Cisco PSIRT openVuln API to perform queries similar to the Cisco IOS Checker. You can search for Cisco Security Advisories that apply to specific Cisco IOS and IOS XE Software releases and have a Security Impact Rating (SIR) of Critical or High. Note that the tool does not provide information about security advisories that have a SIR of Medium.


Method  REST API URL
GEThttps://api.cisco.com/security/advisories/ios?version=<<IOS version>>
GEThttps://api.cisco.com/security/advisories/iosxe?version=<<IOS XE version>>

More information at:

https://developer.cisco.com/site/PSIRT/get-started/getting-started.gsp

Customers Also Viewed These Support Documents