-
Notifications
You must be signed in to change notification settings - Fork 0
/
CVE-2019-1746.yml
28 lines (18 loc) · 968 Bytes
/
CVE-2019-1746.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
---
- name: CVE-2019-1746
hosts: labrouters
connection: network_cli
gather_facts: no
# This playbook is for example purposes only.
# CVE-2019-1746 Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-cmp-dos
# This vulnerability affects Cisco Catalyst Switches that are running a vulnerable release of Cisco IOS or IOS XE Software when the switch meets all the following conditions:
# * CMP is enabled. On some platforms, CMP is enabled by default.
# * The switch is configured to be part of a cluster domain.
# * The switch has a role of command switch or member switch.
# Cisco does not list a workaround for this vuln. If CMP is not needed, it can be disabled.
task:
- name: DISABLE CLUSTER
ios_config:
lines:
- no cluster enable