THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
24-Apr-21 |
Initial Release |
Affected OS Type | Affected Software Product | Affected Release | Affected Release Number | Comments |
---|---|---|---|---|
NON-IOS |
Application Patches |
22.0 |
22.0.2021.03 |
Cisco BroadWorks Release 22. |
NON-IOS |
Application Patches |
23.0 |
23.0.2021.03 |
Cisco BroadWorks Release 23. |
NON-IOS |
Application Patches |
24.0 |
24.0.2021.03 |
Cisco BroadWorks Release 24. |
Defect ID | Headline |
---|---|
CSCvx32766 | BEMS01198747 Verizon Security Scan Issues with BW SUDOERS Configuration on XSP |
After Cisco BroadWorks servers are prepatched with ap378332, scripts and tasks that rely on the sudoers file might fail to execute as expected.
When a Cisco BroadWorks server is prepatched with any of these patches, the system will fail to correctly execute tasks and scripts that rely on the sudoers file until a sudo password is provided.
Customers might notice that basic monitoring scripts, such as healthmon, do not execute as expected and prompt for a sudo password in order to continue.
Workaround
If the patch was applied on a running release (not through a prepatch), then no further action is required.
For customers that have already prepatched their servers and experience the sudoers issue, it is recommended to not remove the patch and instead execute this script in order to correct the issue:
sudo /usr/local/broadworks/bw_base/sbin/update_sudoers.pl
Solution
These Cisco BroadWorks patches have been rereleased to include a fix that prevents this issue. Customers who have already prepatched their servers are advised to remove the old patch and reapply the patch using the rereleased version.
Release 22
Release 23
Release 23
BroadWorks patches can be downloaded through the Cisco Software Download Center after logging in with your Cisco.com (CCO) account.
The version of BroadWorks that is currently deployed as well as the patches currently activated can be checked by executing the get versions all
command from the CLI. More information on how to check the patch level can be found in the Cisco BroadWorks Maintenance Guide.
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.
Unleash the Power of TAC's Virtual Assistance