Yes, these releases are affected:
Sorry, but you can do the workaround till the upgrade availability.
In the "cvrf" file for the bug, it's not mentioned as affected. I saw that Cisco has been updated the bug doc
and it mentioned it as fixed, and if u check the the website to download the updated software like:
i have also found nothing to download from mentioned Software for the ASA 5520 or 5525-X.
I would be interessted if the fix is included in 220.127.116.11 or 18.104.22.168, as they were the last updates which are installed on many ASA's as a solution for CSCux29978 and CSCux42019 on April/June (IKE Buffer Overflow Vulnerability) short time ago.
It is important to stay at 8.4.7 train for some customers (different reasons).
I am using version 9.3(2) and not sure which version i should upgrade to:
9.3.(3.10) or 9.4 or 9.6
Any recommendation and reason why i should choose that version?
Using this command as a workaround is more enough, as a workaround is enough is using snmp-server host x.x.x.x, to enable only specifi hosts.
Cisco doc say,
My information from Cisco TAC is, that all of the software versions are affected.
However you are good, if you use this mentioned workaround, where you do not allow SNMP from outside or let´s say you allow it only from some trusted hosts.
The software is not available for now, but should be released in few days.