Showing results for 
Search instead for 
Did you mean: 
Create Post

How does one add IOS version to a Compliance Report? Or incorporate a Compliance Report into an Inventory report?

A recent Cisco IOS / IOS-XE vulnerability exists in certain code trains on Cisco L3 devices.  If the device is both:

  1. Running a vulnerable version of code, AND
  2. Using the phrase " ip helper-address" in the running-config,

Then it should be upgraded to a non-vulnerable IOS version.

I've created a Compliance Report that highlights all of my L3 devices that contain  "ip helper-address" in their configs.

The report includes NodeName, NodeIpAddress and the lines/instances of " ip helper-address" in the config.

But it does NOT include the IOS or IOS-XE version of code, which is what I need to make this work.

Alternately, I might be able to get what I need by creating or modifying an Inventory Report, if I knew how to add my new Compliance Report to the Inventory Report as a column.

Can you help me accomplish this?

Or, is there already a Cisco IOS Vulnerability report that deals with this " ip helper-address" issue, which I can download and use?  If so, what's it called, where can I get it?


Rick Schroeder

Labels (1)
2 Replies
Level 10

@rschroederdid you ever find a solution? I see a lot of unanswered or poorly answered questions just like yours out there.



0 Kudos

I haven't seen a good solution so far, Eric. I believe one exists, that SWQL can be made to do the work; I'm no SWQL expert, and am hoping / waiting for one of them (or SW Support) to look into it and provide a script for us script-kiddies to use. I'm not holding my breath, but it's also not an urgent issue for me (yet).
0 Kudos