CISCO-SA-IOSXE-LOBBY-PRIVESC-KWXBQJY

Vulnerable Products:

At the time of publication, this vulnerability affected Cisco devices if they were running a vulnerable release of Cisco IOS XE Software and had Lobby Ambassadors configured.

For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory. Determine the Device Configuration To determine whether a device has any Lobby Ambassadors configured, use the show running-config | include lobby-admin command in privileged EXEC mode. If type lobby-admin is returned in the output at least once, as shown in the following example, the device has Lobby Ambassadors configured and is affected by this vulnerability:

Switch#show running-config | include lobby-admin type lobby-adminProducts Confirmed Not Vulnerable:

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.

Cisco has confirmed that this vulnerability does not affect the following Cisco products:

IOS Software IOS XR Software NX-OS Software Wireless LAN Controller (WLC) AireOS SoftwareWorkarounds:

There are no workarounds that address this vulnerability.Fixed Software:

Cisco considers any workarounds and mitigations (if applicable) to be temporary solutions until an upgrade to a fixed software release is available. To fully remediate this vulnerability and avoid future exposure as described in this advisory, Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory. Cisco IOS and IOS XE Software To help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (“First...