. home.aspx



Cisco patches a critical patch on its software-license manager

December 27, 2018 / Michael Cooney

Cisco this week said it patched a “critical” patch for its Prime License Manager (PLM) software that would let attackers execute random SQL queries. The Cisco Prime License Manager offers enterprise-wide management of user-based licensing, including license fulfillment. Released in November, the first version of the Prime License Manager patch caused its own “functional” problems that Cisco was then forced to fix. That patch, called ciscocm.CSCvk30822_v1.0.k3.cop.sgn addressed the SQL vulnerability but caused backup, upgrade and restore problems, and should no longer be used Cisco said. Cisco wrote that “customers who have previously installed the ciscocm. CSCvk30822_v1.0.k3.cop.sgn patch should upgrade to the ciscocm.CSCvk30822_v2.0.k3.cop.sgn patch to remediate the functional issues. Installing the v2.0 patch will first rollback the v1.0 patch and then install the v2.0 patch.”