Cisco devices that are running Cisco IOS Software versions that include the Device Sensor feature are affected by this vulnerability. Devices that have at least one interface with an IP address are affected.
To determine whether the Cisco IOS Software release includes the Device Sensor feature, issue the show subsys
The following example shows the Device Sensor feature is included:
Switch#show subsys | include dsensor_lite
dsensor_lite Protocol 1.000.001
To determine whether an interface is assigned an IP address, issue the show ip interface brief
The following example indicates the FastEthernet1/0 interface is assigned IP address 10.10.10.1:
router#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet1/0 10.10.10.1 YES manual up up
FastEthernet1/1 unassigned YES NVRAM up up
To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the show version command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output.
The following example identifies a Cisco product that is running Cisco IOS Software Release 15.0(1)M1 with an installed image name of C3900-UNIVERSALK9-M:
Router> show version
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 02-Dec-09 17:17 by prod_rel_team
!--- output truncated
Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS and NX-OS Software Reference Guide" at http://www.cisco.com/web/about/security/intelligence/ios-ref.html.
Cisco IOS XE and Cisco IOS XR Software are not affected by this vulnerability.
No other Cisco products are currently known to be affected by this vulnerability.