Summary
Affected Products
Details
Impact
Software Versions and Fixes
Workarounds
Obtaining Fixed Software
Exploitation and Public Announcements
Status of This Notice: FINAL
Distribution
Revision History
Cisco Security Procedures
Multiple Cisco products contain vulnerabilities in the processing of Simple Network Management Protocol (SNMP) messages. The vulnerabilities can be repeatedly exploited to produce a denial of service. In most cases, workarounds are available that may mitigate the impact. These vulnerabilities are identified by various groups as VU#617947, VU#107186, OUSPG #0100, CAN-2002-0012, and CAN-2002-0013.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20020212-snmp-msgs.shtml.
This advisory only applies to Cisco products that run Cisco IOS Software. A companion document describes this vulnerability as it applies to Cisco products that do not run Cisco IOS Software, http://www.cisco.com/warp/public/707/cisco-sa-20020211-snmp-msgs-non-ios.shtml.
This section provides details on affected products.
This security advisory applies to the broad range of Cisco products that run Cisco IOS Software.
To determine the software running on a Cisco product, log in to the device and issue the show version command to display the system banner. Cisco IOS software will identify itself as "Internetwork Operating System Software" or simply "IOSŪ". On the next line of output, the image name will be displayed between parentheses, followed by "Version" and the IOS release name. Other Cisco devices will not have the show version command or will give different output.
The following example identifies a Cisco product running IOS release 12.0(3) with an installed image name of C2500-IS-L:
Cisco Internetwork Operating System Software IOS (TM)
2500 Software (C2500-IS-L), Version 12.0(3), RELEASE SOFTWARE
The release train label is "12.0".
The next example shows a product running IOS release 12.0(2a)T1 with an image name of C2600-JS-MZ:
Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-JS-MZ), Version 12.0(2a)T1, RELEASE SOFTWARE (fc1)
Additional information about Cisco IOS Banners is available at http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_white_paper09186a008018305e.shtml#3.
To determine if a product is vulnerable, review the list below. If software versions or configuration information is included, then only those combinations are affected (or unaffected). If the product or series is listed without any qualifying software version information, then consult the Software Versions and Fixes section to determine if the product is running an affected version of software.
Note: Catalyst switches can be configured to run either IOS or CatOS. Only Catalyst switches that run IOS are described in this document. Catalysts switches running CatOS are covered in the companion non-IOS security advisory at http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-non-ios-pub.shtml.
The following Cisco products are vulnerable if they are running an affected version of Cisco IOS Software:
This vulnerability potentially affects all major software release trains for Cisco IOS Software. Therefore, any Cisco product that runs Cisco IOS Software is potentially affected. Any unaffected products are listed in the companion non-IOS security advisory.
No other Cisco products are currently known to be affected by these vulnerabilities.
Simple Network Management Protocol (SNMP) defines a standard mechanism for remote management and monitoring of devices in an Internet Protocol (IP) network. There are three fundamental categories of SNMP messages: "get" requests to request information, "set" requests which modify the configuration of the remote device, and "trap" messages which provide a notification or monitoring function. SNMP requests and traps are transported over User Datagram Protocol (UDP) and are received at the assigned destination port numbers 161 and 162, respectively.
The largest group of vulnerabilities described in this advisory result from insufficient checking of SNMP messages as they are received and processed by an affected system. Malformed SNMP messages received by affected systems can cause various parsing and processing functions to fail, which results in a system crash and reload (or reboot) in most circumstances.
In most cases, the vulnerability can be mitigated by applying an access-list statement either to protect the SNMP service itself or to prevent the receipt or transport of SNMP messages at an interface. If access is only permitted for certain IP source addresses such as the IP address of a network management system, the affected device may still be vulnerable. If the network is not protected against IP source address "spoofing" with appropriate ingress filtering, an attacker may be able to transmit a packet from some other location that appears to come from the authorized network management station and successfully crash the destination device.
In some cases, access-list statements on the SNMP service do not protect the device because the vulnerability is exposed before the access-list statement is evaluated. A similar circumstance occurs in which the effectiveness of mitigation commands is negated following a reload. Due to an unrelated defect, Cisco Bug ID CSCdv48842, the effectiveness of the commands depends on the order in which they are parsed. Although effective in the running configuration, the commands are saved in the wrong order in the stored configuration. When the configuration is parsed after a reload, the commands are executed in the wrong order and the expected protection is not provided. Both of the preceding cases are documented in the Workarounds section below, including the ranges of IOS releases in which they are and are not effective.
In certain IOS releases, a community string is not actually removed until the device is reloaded. If the community string is deleted as a protective measure, the system may still be vulnerable until the affected device is reloaded. This condition is due to an unrelated defect documented as Cisco Bug ID CSCds53023, and a workaround is provided in the section below.
In rare circumstances, an unrelated software defect with a documented workaround, Cisco Bug ID CSCdt14805, will cause an affected device to reload continuously as it attempts to recover, and will require manual intervention to resume normal operation. This behavior can be inhibited with the logging exception 4096 command applied while in enable mode. This command does not protect against the vulnerability described in this advisory, but will allow an affected device to reload normally if it crashes due to the vulnerabilities described in this advisory.
These vulnerabilities can be easily and repeatedly demonstrated with the use of the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for SNMPv1. The test suite is generally used to analyze a protocol and produce messages that probe various design limits within an implementation of a protocol. Test packets containing overly-long or malformed object identifiers and other combinations of exceptional values in various fields can be programmatically generated and then transmitted to a network device under test. The PROTOS test suite for SNMPv1, as distributed, contains approximately 53,000 individual test cases. The authors intend to make the test suite available to the public at the same time that this advisory is published.
The vulnerabilities are repaired by generally improving the handling of malformed SNMP messages in various ways, at a minimum by adding much stronger tests for the validity of incoming SNMP messages. Although the test suite itself applies only to SNMPv1, similar vulnerabilities likely exist in SNMPv2c and SNMPv3. Cisco has attempted to resolve those additional potential vulnerabilities simultaneously.
Cisco Bug IDs CSCdw65903 and CSCdw62592 identify IOS software releases that have been fixed for these vulnerabilities. The following are the complete list of Bug ID's associated with this issue for IOS versions: CSCdt11503, CSCdu06427, CSCdu82770, CSCdv43903, CSCdv73848, CSCdv60119, CSCdm63334, CSCdv57565, CSCdw03959, CSCds87560, CSCin01557, CSCin01664, CSCdv48842, CSCin01208, CSCdu47447, CSCdv48776, CSCdv66527, CSCds89640, CSCdt41731, CSCdt83999, CSCea29276, CSCdw72930, CSCdx27170, CSCdw89845, CSCdx14656, CSCdv22261, CSCdw62852, CSCdt20091, CSCdv60119, CSCdw68469, CSCdt41731, CSCdv04606, CSCdw63089, CSCdu89682, CSCdw78210, CSCds89640.
There are three other notable conditions that may appear to be caused by these vulnerabilities but are actually triggered by overloaded logging mechanisms. First, a change to the logging mechanism for SNMP authentication failures introduced in 12.0(16)S can result in a flood of syslog messages. Testing for the SNMP vulnerabilities against a fixed version of IOS could result in a denial of service due to a flood of logging messages on affected systems. This behavior is repaired in 12.0(21)S by turning off the new logging behavior by default and rate-limiting the SNMP authentication failure syslog messages. A workaround is provided by applying the following undocumented command while in enable mode on the affected device: no logging snmp-authfail. Note that using this workaround will result in disabling all SNMP authentication failure logging messages.
Second, certain platforms are susceptible to tracebacks while testing for malformed SNMP message vulnerabilities. The tracebacks do not result in a crash, but may result in memory leaks and excessive logging which in turn may cause performance of the affected device to degrade to an unacceptable level. The performance impact can be mitigated by limiting the logging configuration to reduce the normal volume of logging messages.
Third, certain platforms and releases may encounter problems with the SNMP flash memory Management Information Base (MIB). When an "snmpwalk" of the affected device is executed, attempts to access the "flash MIB" result in a large volume of error messages which might overload the console and logging system. The performance impact can be limited as shown above.
Independent security advisories have implicated TCP or UDP port 1993 in this vulnerability. Port 1993 is assigned to Cisco for SNMP over TCP, but it appears only in Cisco IOS software releases 10.x and earlier. It is not currently supported in nor employed by any current Cisco products. Filtering port 1993 to protect Cisco devices is only relevant in networks with Cisco devices running IOS release 8.x, 9.x., or 10.0.
The vulnerability can be exploited to produce a Denial of Service (DoS) attack. When the vulnerability is exploited, it can cause an affected Cisco product to crash and reload.
SNMP messages are transported using User Datagram Protocol (UDP) and are subject to IP source address spoofing. In any circumstance where ingress and egress source IP address filtering is lacking, it is more likely that an attacker could spoof the source IP address and circumvent access control mechanisms to cause a vulnerable system to fail.
If an attacker is able to guess or otherwise obtain a read-only community string for an affected device, then he or she could bypass SNMP access control that depends on the community string.
Please review the information in the following link for details on Cisco non-IOS products:
http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-non-ios-pub.shtml.
Each row of the Cisco IOS software table (below) describes a release train and the platforms or products for which it is intended. If a given release train is vulnerable, then the earliest possible releases that contain the fix (the "First Fixed Release") and the anticipated date of availability for each are listed in the "Rebuild," "Interim," and "Maintenance" columns. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. The release should be upgraded at least to the indicated release or a later version (greater than or equal to the First Fixed Release label). When selecting a release, keep in mind the following definitions:
To find the information for a given IOS release, compare the release number as reported by the show version command to the major releases in the first column below. For example, if your device reports that it is running 12.0(4), find the row in the table for "12.0". Reading across to the right, you find 12.0(4b) in the Rebuild column, indicating that both 12.0(4) and 12.0(4a) are both vulnerable. Since 12.0(4b) is already available for download from CCO, you could upgrade to it immediately. The earliest maintenance release containing the fix will be 12.0(22), which will be available for download from CCO on or about 2002-Apr-08. The earliest interim release containing the fix is not available.
If a release train is labeled "Vulnerable", then migration to another release train should be considered. Except where a release label in a different release train is explicitly identified in the table below, customers should contact the Cisco TAC for assistance to identify the appropriate migration path. If migration is not possible, then workarounds may be the only alternative.
In all cases, customers should exercise caution to confirm that the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new software release. If the information is not clear, contact the Cisco TAC for assistance as shown in the "Obtaining Fixed Software" section below.
More information on Cisco IOS software release names and abbreviations is available at http://www.cisco.com/warp/public/620/1.html.
The fixes will be available at the Software Center located at http://www.cisco.com/public/sw-center/.
For a current view of all posted and repaired images for Cisco IOS software, please check the listing available to registered CCO users at:
|
Train or Release |
Description or Platform |
Availability of First Fixed Releases* |
||
|---|---|---|---|---|
|
10.x Releases and Earlier |
Rebuild |
Interim** |
Maintenance |
|
|
10.3 and earlier |
Major release for all platforms |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.0 Releases |
Rebuild |
Interim** |
Maintenance |
|
|
11.0 |
Major General Deployment release for all platforms |
11.0(22b)*** |
Only available via FTP; see note below. |
|
|
2002-Feb-18 |
||||
|
11.0BT |
Early Deployment release for 7000, 7200, 7500 |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.0NA |
ED release: 1003,1004,1005 |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.1 Releases |
Rebuild |
Interim** |
Maintenance |
|
|
11.1 |
Major release for all platforms |
11.1(24b)*** |
Only available via FTP; see note below. |
|
|
2002-Feb-27 |
||||
|
11.1AA |
ED release for access servers: 1600, 3200, and 5200 series. |
11.1(20)AA4 |
||
|
2002-Mar-04 |
||||
|
11.1CA |
Platform-specific support for 7500, 7200, 7000, and RSP |
11.1(36)CA3 |
||
|
2002-Feb-22 |
||||
|
11.1CC |
ISP train: added support for FIB, CEF, and NetFlow on 7500, 7200, 7000, and RSP |
11.1(36)CC5 |
||
|
2002-Feb-25 |
||||
|
11.1CT |
Added support for Tag Switching on 7500, 7200, 7000, and RSP |
11.1(28a)CT |
||
|
2002-Mar-04 |
||||
|
11.1IA |
DistributedDirector only |
11.1(28)IA2 |
||
|
2002-Mar-04 |
||||
|
11.2 Releases |
Rebuild |
Interim** |
Maintenance |
|
|
11.2 |
Major release, general deployment |
11.2(26d) |
||
|
2002-Feb-23 |
||||
|
11.2BC |
Platform support for IBM networking, CIP, and TN3270 on 7500, 7000, and RSP series |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.2F |
Early Deployment release for all platforms |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.2GS |
Early deployment release to support 12000 GSR |
11.2(19)GS8 |
||
|
On CCO |
||||
|
11.2P |
New platform support for all platforms |
11.2(26)P4 |
||
|
2002-Feb-25 |
||||
|
11.2SA |
Catalyst 2900XL switch |
11.2(8.10)SA6 |
||
|
On CCO |
||||
|
11.2WA |
Lightstream 1010 ATM switch |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.2XA |
11.2(4)XA only: Short lived release for 1600 and 3600 only |
11.2(4)XA2 |
||
|
2002-Feb-22 |
||||
|
11.2(9)XA only: Short lived release for 5300 only |
Vulnerable |
|||
|
Not Scheduled |
||||
|
11.3 Releases |
Rebuild |
Interim** |
Maintenance |
|
|
11.3 |
Major release for all platforms |
11.3(11c) |
||
|
On CCO |
||||
|
11.3AA |
Early Deployment release for 5200, 5300, 5800, 7200 |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.3DA |
Early Deployment release for 6200 DSLAM |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.3DB |
Early Deployment release for the 6400 NSP xDSL broadband concentrator |
11.3(9)DB3 |
||
|
2002-Feb-19 |
||||
|
11.3DC |
Early Deployment release for the 6400 NRP xDSL broadband concentrator |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.3HA |
Early Deployment release for ISC3303 |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.3MA |
Early Deployment release for MC3810 |
11.3(1)MA9 |
||
|
2002-Feb-19 |
||||
|
11.3NA |
Early Deployment release for 2500, 3600, 5300, uBR900, uBR7000 |
Vulnerable |
||
|
Not Scheduled |
||||
|
11.3T |
Early deployment major release |
11.3(11b)T2 |
||
|
On CCO |
||||
|
11.3XA |
11.3(2)XA only: Short lived release for uBR7000 and 2600 |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0 Releases |
Interim** |
Interim** |
Maintenance |
|
|
12.0 |
General Deployment release for all platforms |
12.0(2b) |
12.0(22) |
|
|
On CCO |
2002-Apr-08 |
|||
|
12.0(3d) |
||||
|
On CCO |
||||
|
12.0(4b) |
||||
|
On CCO |
||||
|
12.0(5a) |
||||
|
On CCO |
||||
|
12.0(6b) |
||||
|
On CCO |
||||
|
12.0(7a) |
||||
|
On CCO |
||||
|
12.0(8a) |
||||
|
On CCO |
||||
|
12.0(9a) |
||||
|
On CCO |
||||
|
12.0(10a) |
||||
|
On CCO |
||||
|
12.0(11a) |
||||
|
On CCO |
||||
|
12.0(12a) |
||||
|
On CCO |
||||
|
12.0(13a) |
||||
|
On CCO |
||||
|
12.0(14a) |
||||
|
On CCO |
||||
|
12.0(15a) |
||||
|
On CCO |
||||
|
12.0(16a) |
||||
|
On CCO |
||||
|
12.0(17a) |
||||
|
On CCO |
||||
|
12.0(18b) |
||||
|
2002-Feb-14 |
||||
|
12.0(19a) |
||||
|
2002-Feb-12 |
||||
|
12.0(20a) |
||||
|
On CCO |
||||
|
12.0(21a) |
||||
|
2002-Feb-10 |
||||
|
12.0DA |
Early Deployment release for 6200 |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0DB |
ISP/Telco/PTT xDSL broadband concentrator platforms |
12.0(7)DB2 |
||
|
On CCO |
||||
|
12.0DC |
6400 Access Concentrator |
12.0(7)DC1 |
||
|
On CCO |
||||
|
12.0S |
Core/ISP support: GSR, RSP, c7200 |
12.0(8)S1 |
||
|
On CCO |
||||
|
12.0(9)S8 |
||||
|
On CCO |
||||
|
12.0(10)S7 |
||||
|
On CCO |
||||
|
12.0(11)S6 |
||||
|
On CCO |
||||
|
12.0(12)S3 |
||||
|
On CCO |
||||
|
12.0(13)S6 |
||||
|
2002-Feb-12 |
||||
|
12.0(14)S7 |
||||
|
On CCO |
||||
|
12.0(15)S6 |
||||
|
On CCO |
||||
|
12.0(16)S8 |
||||
|
On CCO |
||||
|
12.0(17)S4 |
||||
|
On CCO |
||||
|
12.0(18)S5 |
||||
|
On CCO |
||||
|
12.0(19)S2 |
||||
|
On CCO |
||||
|
12.0(21)S1 |
||||
|
On CCO |
||||
|
12.0SC |
Cable/broadband ISP: ubr7200 |
12.0(15)SC1 |
||
|
On CCO |
||||
|
12.0(16)SC3 |
||||
|
On CCO |
||||
|
12.0SL |
Early Deployment release 10000 ESR |
12.0(17)SL6 |
||
|
On CCO |
||||
|
12.0(19)SL4 |
||||
|
On CCO |
||||
|
12.0SP |
Early Deployment release |
12.0(20)SP1 |
||
|
On CCO |
||||
|
12.0ST |
Early Deployment release |
12.0(11)ST4 |
12.0(21)ST |
|
|
March 2002 |
||||
|
On CCO |
||||
|
12.0(14)ST3 |
||||
|
On CCO |
||||
|
12.0(16)ST1 |
||||
|
On CCO |
||||
|
12.0(17)ST5 |
||||
|
On CCO |
||||
|
12.0(18)ST1 |
||||
|
On CCO |
||||
|
12.0(19)ST2 |
||||
|
On CCO |
||||
|
12.0(20)ST2 |
||||
|
On CCO |
||||
|
12.0SX |
Other than 12.0(10)SX: Short-lived early deployment release for the 10000 ESR |
12.0(21)SX |
||
|
2002-Feb-25 |
||||
|
12.0(10)SX only: Short-lived early deployment release |
Vulnerable |
|||
|
Not Scheduled |
||||
|
12.0T |
Early Deployment release |
12.0(7)T2 |
||
|
On CCO |
||||
|
12.0W5 |
Early Deployment release for c5rsm images only |
12.0(10)W5(18h) |
||
|
2002-Mar-07 |
||||
|
Early Deployment maintenance release for c6msm images only |
12.0(16)W5(21c) |
|||
|
2002-Mar-08 |
||||
|
Early Deployment maintenance release for cat2948g-L3 and cat4232 images only |
12.0(18)W5(22b) |
|||
|
2002-Mar-04 |
||||
|
Early Deployment maintenance release for c5atm, cat8510c, cat8510m, cat8540c, cat8540m, and ls1010 images only |
12.0(20)W5(24a) |
|||
|
On CCO |
||||
|
12.0WC |
12.0(5)WC, 12.0(5)WC2, and 12.0(5.4)WC1 for 2900XL-LRE only |
12.0(5)WC2b |
||
|
On CCO |
||||
|
12.0(5)WC2 and 12. |
12.0(5)WC3b |
|||
|
On CCO |
||||
|
12.0(5)WC2, 12.0(5.3)WC1, and 12.0(5.4)WC1 for 2950 only |
12.1(6)EA2b |
|||
|
On CCO |
||||
|
12.0WT |
12.0(13)WT6(1) only: Short-lived early deployment release. |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0WX |
12.0(4a)WX5(11a) only: Maintenance release for c5atm, cat8510c, cat8510m, cat8540c, cat8540m, ls1010 images only |
12.0(20)W5(24a) |
||
|
2002-Feb-12 |
||||
|
12.0(7)WX5(15a) only: Maintenance release for cat2948g-L3, cat2948g-L3, and cat4232 images only |
12.0(18)W5(22b) |
|||
|
2002-Feb-22 |
||||
|
12.0XA |
12.0(1)XA only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XB |
12.0(1)XB only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XC |
12.0(2)XC only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XD |
12.0(2)XD only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XE |
12.0(1)XE only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0(2)XE only: Short-lived early deployment release |
12.0(2)XE4 |
|||
|
On CCO |
||||
|
12.0(3)XE only: Short-lived early deployment release |
Vulnerable |
|||
|
Not Scheduled |
||||
|
12.0(4)XE only: Short-lived early deployment release |
12.0(4)XE2 |
|||
|
On CCO |
||||
|
12.0(5)XE only: Short-lived early deployment release |
12.0(5)XE8 |
|||
|
On CCO |
||||
|
12.0(7)XE only: Short-lived early deployment release |
12.0(7)XE2 |
|||
|
On CCO |
||||
|
12.0XF |
12.0(7)XF only: Short-lived early deployment release |
Not Affected |
||
|
12.0(2)XF only: Short-lived early deployment release |
Not Affected |
|||
|
12.0XG |
12.0(3)XG only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XH |
12.0(2)XH only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0(4)XH only: Short-lived early deployment release |
Vulnerable |
|||
|
Not Scheduled |
||||
|
12.0XI |
12.0(4)XI only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XJ |
12.0(4)XJ only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XK |
12.0(5)XK only: Short-lived early deployment release |
12.0(5)XK2 |
||
|
On CCO |
||||
|
12.0(7)XK only: Short-lived early deployment release |
12.0(7)XK3 |
|||
|
On CCO |
||||
|
12.0XL |
12.0(4)XL only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XM |
12.0(4)XM only: Short-lived early deployment release |
12.0(4)XM1 |
||
|
On CCO |
||||
|
12.0XN |
12.0(5)XN only: Short-lived early deployment release |
12.0(5)XN1 |
||
|
2002-Feb-22 |
||||
|
12.0XP |
12.0(5)XP and 12.0(5.1)XP only: Early Deployment release for 2900XL and 3500XL only |
12.0(5)WC3b |
||
|
On CCO |
||||
|
12.0XT |
12.0(5)XT only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.0XU |
12.0(5)XU and 12.0(5.2)XU only: Early Deployment release for 2900XL and 3500XL only |
12.0(5)WC3b |
||
|
On CCO |
||||
|
12.0XV |
12.0(7)XV only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1 Releases |
Interim** |
Interim** |
Maintenance |
|
|
12.1 |
Major Release, all platforms |
12.1(1c) |
12.1(13) |
|
|
On CCO |
2002-Feb-14 |
|||
|
12.1(2b) |
||||
|
On CCO |
||||
|
12.1(3b) |
||||
|
On CCO |
||||
|
12.1(4a) |
||||
|
On CCO |
||||
|
12.1(5e) |
||||
|
On CCO |
||||
|
12.1(6a) |
||||
|
On CCO |
||||
|
12.1(7b) |
||||
|
On CCO |
||||
|
12.1(8c) |
||||
|
On CCO |
||||
|
12.1(9a) |
||||
|
On CCO |
||||
|
12.1(10a) |
||||
|
On CCO |
||||
|
12.1(11b) |
||||
|
On CCO |
||||
|
12.1(12b) |
||||
|
On CCO |
||||
|
12.1AA |
Early deployment release Dial support |
12.1(8)AA1 |
||
|
On CCO |
||||
|
12.1CX |
12.1(4)CX only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1(7)CX1 only: Short-lived early deployment release |
Vulnerable |
|||
|
Not Scheduled |
||||
|
12.1DA |
Early Deployment release, xDSL support for 6100 and 6200 |
12.1(7)DA3 |
||
|
2002-Mar-04 |
||||
|
12.1DB |
Early Deployment release for the 6400 NSP |
12.1(1)DB2 |
||
|
On CCO |
||||
|
12.1(3)DB1 |
||||
|
2002-Mar-04 |
||||
|
12.1(4)DB2 |
||||
|
On CCO |
||||
|
12.1(5)DB1 |
||||
|
On CCO |
||||
|
12.1DC |
Early Deployment release for the 6400 NRP |
12.1(1)DC2 |
||
|
On CCO |
||||
|
12.1(3)DC2 |
||||
|
On CCO |
||||
|
12.1(4)DC3 |
||||
|
On CCO |
||||
|
12.1(5)DC2 |
||||
|
On CCO |
||||
|
12.1E |
Early Deployment release, Core/ISP support for 7100, 7200, RSP, 7500 platforms |
12.1(1)E5 |
||
|
On CCO |
||||
|
Early Deployment release, Core/ISP support for c6msfc and c6sup images only |
12.1(1)E6 |
|||
|
On CCO |
||||
|
Early Deployment release, Core/ISP support for rsp, c7000, cat5k, and cat6k images only |
12.1(2)E2 |
|||
|
On CCO |
||||
|
12.1(3a)E7 |
||||
|
On CCO |
||||
|
12.1(4)E3 |
||||
|
On CCO |
||||
|
12.1(5c)E12 |
||||
|
On CCO |
||||
|
12.1(6)E8 |
||||
|
On CCO |
||||
|
12.1(7a)E5 |
||||
|
2002-Feb-25 |
||||
|
12.1(7a)E6 |
||||
|
On CCO |
||||
|
12.1(8b)E9 |
||||
|
On CCO |
||||
|
12.1(9)E3 |
||||
|
On CCO |
||||
|
12.1(10)E4 |
||||
|
On CCO |
||||
|
Early Deployment release, Core/ISP support for 7100, RSP, and 7500 platforms, and c5msfc, c6msfc2, c6sup11, and c6sup12 images only |
12.1(3a)E7 |
|||
|
On CCO |
||||
|
Early Deployment release, Core/ISP support for the 7200 platform |
12.1(3a)E8 |
|||
|
On CCO |
||||
|
12.1EA |
12.1(6)EA2 for 2950 only |
12.1(3a)E8 |
||
|
On CCO |
||||
|
12.1(4)EA1e for 3550 only |
12.1(6)EA2b |
|||
|
On CCO |
||||
|
12.1(6)EA1 for 3550 only |
12.1(8)EA1c |
|||
|
On CCO |
||||
|
12.1EC |
Early Deployment release, Core/ISP support for the uBR7200 only |
12.1(8)EC1 |
||
|
On CCO |
||||
|
12.1(9)EC1 |
||||
|
On CCO |
||||
|
12.1(10)EC1 |
||||
|
On CCO |
||||
|
12.1EW |
12.1(8a)EW only: Short-lived early deployment release |
12.1(8a)EW1 |
||
|
2002-Mar-04 |
||||
|
12.1EX |
12.1(1)EX only: Short-lived early deployment release |
12.1(1)EX1 |
||
|
2002-Mar-04 |
||||
|
12.1(5)EX only: Short-lived early deployment release |
12.1(5c)EX3 |
|||
|
2002-Mar-04 |
||||
|
12.1(6)EX only: Short-lived early deployment release |
Vulnerable |
|||
|
Not Scheduled |
||||
|
12.1(8a)EX only: Short-lived early deployment release |
12.1(8b)EX4 |
|||
|
On CCO |
||||
|
12.1(9)EX only: Short-lived early deployment release |
12.1(9)EX3 |
|||
|
On CCO |
||||
|
12.1(10)EX only: Short-lived early deployment release |
12.1(10)EX |
|||
|
On CCO |
||||
|
12.1EY |
12.1(5)EY only: Short-lived early deployment release |
12.1(5)EY2 |
||
|
On CCO |
||||
|
12.1(6)EY only: Short-lived early deployment release |
12.1(6)EY1 |
|||
|
On CCO |
||||
|
12.1(7a)EY only: Short-lived early deployment release |
12.1(7a)EY3 |
|||
|
On CCO |
||||
|
12.1T |
Early deployment release all major platforms |
12.1(5)T12 |
||
|
On CCO |
||||
|
12.1XA |
12.1(1)XA only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XB |
12.1(1)XB only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XC |
12.1(1)XC only: Short-lived early deployment release |
12.1(1)XC1 |
||
|
On CCO |
||||
|
12.1XD |
12.1(1)XD only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XE |
12.1(1)XE only: Short-lived early deployment release |
12.1(1)XE1 |
||
|
2002-Feb-22 |
||||
|
12.1XF |
12.1(2)XF only: Short-lived early deployment release |
12.1(2)XF5 |
||
|
On CCO |
||||
|
12.1XG |
12.1(3)XG only: Short-lived early deployment release |
12.1(3)XG6 |
||
|
On CCO |
||||
|
12.1XH |
12.1(2a)XH only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XI |
12.1(3)XI only: Short-lived early deployment release |
12.1(3a)XI8 |
||
|
On CCO |
||||
|
12.1XJ |
12.1(3)XJ only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XL |
12.1(3)XL only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XM |
12.1(5)XM only: Short-lived early deployment release |
12.1(5)XM7 |
||
|
On CCO |
||||
|
12.1XP |
12.1(3)XP only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XQ |
12.1(3)XQ only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XR |
12.1(5)XR only: Short-lived early deployment release |
12.1(5)XR2 |
||
|
2002-Mar-04 |
||||
|
12.1XS |
12.1(3)XS only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XS |
12.1(5)XS only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XT |
12.1(3)XT only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XU |
12.1(5)XU only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XV |
12.1(5)XV only: Short-lived early deployment release |
12.1(5)XV4 |
||
|
On CCO |
||||
|
12.1XW |
12.1(3)XW only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1XX |
12.1(5)XX only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1YA |
12.1(5)YA only: Short-lived early deployment release |
12.1(5)YA2 |
||
|
On CCO |
||||
|
12.1YB |
12.1(5)YB only: Short-lived early deployment release |
12.1(5)YB5 |
||
|
On CCO |
||||
|
12.1YC |
12.1(5)YC only: Short-lived early deployment release |
12.1(5)YC2 |
||
|
On CCO |
||||
|
12.1YD |
12.1(5)YD only: Short-lived early deployment release |
12.1(5)YD6 |
||
|
On CCO |
||||
|
12.1YE |
12.1(5)YE only: Short-lived early deployment release |
Vulnerable |
||
|
Not Scheduled |
||||
|
12.1YF |
12.1(5)YF only: Short-lived early deployment release |
12.1(5)YF4 |
||
|
2002-Mar-04 |
||||
|
12.1YH |
12.1(5)YH only: Short-lived early deployment release |
12.1(5)YH3 |
||
|
On CCO |
||||
|
12.1YI |
12.1(5)YI only: Short-lived early deployment release |
12.1(5)YI2 |
||
|
2002-Mar-04 |
||||
|
12.2 Releases |
Rebuild |
Interim** |
Maintenance |
|
|
12.2 |
Major release for all platforms |
12.2(1d) |
||
|
On CCO |
||||
|
12.2(3d) |
||||
|
On CCO |
||||
|
12.2(5d) |
||||
|
On CCO |
||||
|
12.2(6c) |
||||
|
On CCO |
||||
|
12.2(7a) |
||||
|
2002-Mar-04 |
||||
|
12.2B |
Early Deployment Broadband Release |
12.2(2)B4 |
||
|
2002-Mar-04 |
||||
|
12.2(4)B2 |
||||
|
On CCO |
||||
|
12.2BC |
Early Deployment Broadband Release for the uBR7000 and uBR10000 |
12.2(4)BC1a |
||
|
On CCO |
||||
|
12.2BY |
Short-lived early deployment release |
12.2(2)BY2 |
||
|
2002-Mar-04 |
||||
|
12.2(2)BY3 |
||||
|
2002-Feb-22 |
||||
|
12.2DA |
Early Deployment release, xDSL support for the 6100 and 6200 |
12.2(1b)DA1 |
12.2(7)DA |
|
|
On CCO |
On CCO |
|||
|
12.2(5)DA1 |
||||
|
2002-Mar-04 |
||||
|
12.2DD |
Specific Technology Early Deployment release for 7200 and 7400 |
12.2(2)DD3 |
||
|
On CCO |
||||
|
12.2DX |
12.2(1)DX only: Short-lived early deployment release |
12.2(1)DX1 |
||
|
On CCO |
||||
|
12.2MB |
Specific Technology Early Deployment release for 2600 and 7500 |
12.2(4)MB3 |
||
|
On CCO |
||||
|
12.2MX |
12.2(4)MX only: Short-lived early deployment release |
12.2(4)MX1 |
||
|
2002-Feb-22 |
||||
|
12.2T |
Early deployment release for all major platforms |
12.2(2)T4 |
12.2(8)T |
|
|
On CCO |
||||