
CSCva92151 - Cisco ASA SNMP Remote Code Execution Vulnerability

Hi guys,

Are 8.4.7 and higher also affected by bug CSCva92151?

Best regards

Ayhan

8 REPLIES

Yes, these releases are affected:

8.4.7
8.4.7.3
8.4.7.15
8.4.7.22
8.4.7.23
8.4.7.26
8.4.7.28
8.4.0
8.4.7.29

Sorry, but you can apply the workaround until the upgrade is available.

Ahmed 


Hi Ahmed,

How about 8.4.7 (30) ?

Thanks


Hi Venkateshwara,

In the "cvrf" file for the bug, it's not mentioned as affected. I saw that Cisco has updated the bug doc
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCva92151,
and it is mentioned as fixed, and if you check the website to download the updated software, like:

9.0(4.40)
9.1(7.9)
9.2(4.14)
9.3(3.10)
9.4(3.7)
9.6(1.11)
9.6(1.112)
97.1(1.134)
You won't find any of them; maybe they'll be released or there's a plan to release them soon, so we should just be patient :)
I'll wait a while and then I'll check the updates regarding the different platforms that I have.

Ahmed


Hi Ahmed,

I have also found nothing to download from the mentioned software for the ASA 5520 or 5525-X.

@Venkateshwara

I would be interested to know if the fix is included in 8.4.7.30 or 8.4.7.31, as they were the last updates, which were installed on many ASAs as a solution for CSCux29978 and CSCux42019 in April/June (IKE Buffer Overflow Vulnerability) a short time ago.

It is important for some customers to stay on the 8.4.7 train (different reasons).

Best Regards

Ayhan


I am using version 9.3(2) and am not sure which version I should upgrade to:

9.3(3.10) or 9.4 or 9.6

Any recommendation and reason why I should choose that version?


Does anyone know if using the no snmp-server enable command is a workaround?


Jen


Hi Merzj,

Using this command as a workaround is more than enough; as a workaround it is enough to use snmp-server host x.x.x.x, to enable only specific hosts.

The Cisco doc says:

Workarounds
  • Administrators are advised to allow only trusted users to have SNMP access and to monitor affected systems using the snmp-server host command.

Regards,

Ahmed 


Hi,

My information from Cisco TAC is that all of the software versions are affected.

However, you are good if you use the mentioned workaround, where you do not allow SNMP from outside or, let's say, you allow it only from some trusted hosts.

The software is not available for now, but should be released in a few days.

BR
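
An added example, not part of the thread or of Cisco's documentation: a small audit of an ASA running-config that checks the workaround discussed above, that is, whether SNMP is disabled with no snmp-server enable and whether every snmp-server host entry points at a trusted station on a trusted interface. The sample config, the trusted subnet and the "outside" interface name are constructed assumptions, and the script assumes SNMP is enabled unless no snmp-server enable appears in the config.

```python
import ipaddress
import re

# Constructed running-config excerpt for illustration (not from the thread).
SAMPLE_CONFIG = """\
hostname asa-lab
snmp-server host inside 10.10.5.20 community ***** version 2c
snmp-server host inside 10.10.9.77 poll community *****
snmp-server host outside 203.0.113.50 community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart
"""

# Assumptions: your trusted monitoring subnet and the interfaces you treat as untrusted.
TRUSTED_NMS = [ipaddress.ip_network("10.10.5.0/24")]
UNTRUSTED_IFACES = {"outside"}

# ASA form: snmp-server host <interface> <address-or-name> ...
HOST_RE = re.compile(r"^snmp-server host (\S+) (\S+)")


def audit_snmp(config, trusted=TRUSTED_NMS, untrusted_ifaces=UNTRUSTED_IFACES):
    """Return (snmp_enabled, findings) for ASA running-config text."""
    lines = [line.strip() for line in config.splitlines()]
    # Assumption: SNMP counts as enabled unless 'no snmp-server enable' is present.
    enabled = "no snmp-server enable" not in lines
    findings = []
    for line in lines:
        m = HOST_RE.match(line)
        if not m:
            continue
        iface, host = m.groups()
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            findings.append((iface, host, "host is a name, resolve and review"))
            continue
        if iface in untrusted_ifaces:
            findings.append((iface, host, "SNMP allowed on untrusted interface"))
        elif not any(addr in net for net in trusted):
            findings.append((iface, host, "host not in trusted NMS list"))
    return enabled, findings


if __name__ == "__main__":
    enabled, findings = audit_snmp(SAMPLE_CONFIG)
    print("SNMP enabled:", enabled)
    for iface, host, reason in findings:
        print(f"  {iface} {host}: {reason}")
```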
