BugZero | Cisco BugID CSCwi68331 - During FMC hardware migration failure error encoun...

Cisco - Defect ID: CSCwi68331

During FMC hardware migration failure error encountered due to FN 72501

Cisco - Defect ID: CSCwi68331

During FMC hardware migration failure error encountered due to FN 72501

Last updated on 1/19/2024

Overall: 5.75.7

Severity: 6.46.4

Lifecycle: 4.64.6

Popularity: 4.64.6

What is the BugZero Risk Score?

Vendor details

No defect details.

Overall: 5.75.7

Severity: 6.46.4

Lifecycle: 4.64.6

Popularity: 4.64.6

What is the BugZero Risk Score?

Vendor details

No defect details.

Symptom

During FMC hardware migration failure encountered due to FN 72501 (https://www.cisco.com/c/en/us/support/docs/field-notices/725/fn72501.html) resulting in leaving migration in a state where it cannot be retried as password for databases are modified to the backup file and resuming migration is not possible. Fri Dec 22 19:58:03 2023 tar -xzm --directory=//var/tmp/backupmZIp/ --file=/var/tmp/backupmZIp/tarball.tgz Fri Dec 22 19:58:06 2023 moving files from "//var/tmp/backupmZIp" to / System (/bin/cp -r -p //var/tmp/backupmZIp/etc /) Failed -- (/bin/cp: cannot overwrite directory '/etc/sf/keys/fireamp/thawte_roots' with non-directory) After applying workaround for FN 72501 and resuming migration encounters following error getPeersByRole: unable to connect to db at /usr/local/sf/lib/perl/5.24.4/SF/PeerManager/Peers.pm line 238. Couldn't connect to DB at /usr/local/sf/lib/perl/5.24.4/SF/RNA/Vulnerabilities.pm line 982. Printing stack trace: called from /usr/local/sf/lib/perl/5.24.4/SF/RNA/Vulnerabilities.pm (982) called from /usr/local/sf/lib/perl/5.24.4/SF/SRU.pm (1076) called from /usr/local/sf/lib/perl/5.24.4/SF/BackupRestore.pm (1390) called from /usr/local/sf/bin/sf-restore-backup.pl (263) called from /usr/local/sf/bin/sf-restore-backup.pl (89) This is because the password file used is overwritten from the one in backup and migration cannot be restarted due to incorrect passwords.

Conditions

Workaround for FN 72501 not applied and a version used where this FN is not fixed.

Workaround

Use workaround documented in FN 72501 pmtool disablebyid mysql cp -ipr /etc/sf/dbaccess.conf /etc/sf/dbaccess.conf.current cp -ipr /etc/sf/dbaccess.conf.last /etc/sf/dbaccess.conf pmtool enablebyid mysql restart migration .

Further Problem Description

PSIRT Evaluation: The Cisco PSIRT has evaluated this issue and determined it does not meet the criteria for PSIRT ownership or involvement. This issue will be addressed via normal resolution channels. If you believe that there is new information that would cause a change in the severity of this issue, please contact psirt@cisco.com for another evaluation. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Original Vendor Announcement

9.65Defect ID: CSCwd45843
Auth Step latency for policy evaluation due to Garbage Collection activity.
9.65Defect ID: CSCwa92734
CUBE DTMF interworking fails from rtp-nte to OOB SIP methods
9.65Defect ID: CSCwj45822
Cisco ASA and FTD Software Remote Access VPN Brute Force Denial of Service Vulnerability
9.65Defect ID: CSCvo03458
PKI "revocation check crl none" does not fallback if CRL not reachable
9.65Defect ID: CSCvq05584
Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Cisco - Defect ID: CSCwi68331

During FMC hardware migration failure error encountered due to FN 72501

Cisco - Defect ID: CSCwi68331

During FMC hardware migration failure error encountered due to FN 72501

Last updated on 1/19/2024

Vendor details

Vendor details

Description

Symptom

Conditions

Workaround

Further Problem Description

Links

Top Cisco defects by risk score

Ready to prevent the next vendor outage?