11-01-2016 06:17 AM - edited 03-20-2019 09:07 PM
Gentlemen
Need your help, because it's not clear the affected ASA version.
ASA 5540 we take care has asa917-k8.bin.
Bug informs only affected 9.1(2) and 9.2. Last release for 9.1.x available in Cisco site is asa917-11-k8.bin.
Should I upgrade ASA version or 9.1(7) is clean for this bug?
Regards
Christian
11-01-2016 07:46 AM
I do not believe that Cisco has released a new IOS version to address this vulnerability.
11-03-2016 01:23 AM
Hi Christian,
I have contact TAC and this was the reply:
Yes dear ,all the release of 9.2 is affected .And as you know until now there is no workaround or fix releases but the developer team still working on it. You can subscribe the bug by clicking on the save button so you will receive this bug updates.
11-04-2016 01:34 PM
Any information regarding 9.1(7) or any 9.1.x?
11-07-2016 12:06 AM
The same, IOS not released yet
11-28-2016 06:36 PM
Good day sirs, do you guys have any update regarding the fixed version? seems the fixed release is not relevant from the download portal. Thanks
MK
11-29-2016 12:51 AM
Hi Ming,
This was the last reply from Cisco, days ago, about this issue .. So still no fixed release yet
Regarding bug # CSCvb48640 the fix releases that exist in the advisory link are an engineer releases and it used to test the fix and once the fix is verified, it will be introduced in the latest releases.
11-29-2016 05:44 PM
Hi IBMintdev
Thanks for your reply and much appreciated.
MK
12-22-2016 07:17 PM
Hi IBMintdev
Wondering if you have any update from TAC regarding the release? understand from bug notes the fix is not release yet.
Merry Christmas!
Thank you
Ming Keat
12-23-2016 12:04 AM
Hi Ming,
Yes, Not released yet
01-13-2017 12:47 AM
Hello Christian,
Software version 9.1(7.12) is available on the website and contains a fix for bug ID CSCvb48640.
An upgrade is recommended to fix this vulnerability.
You may download 9.1(7.12) version from the website:
Adaptive Security Appliance (ASA) Software
Show your appreciation by rating content and mark question as answered if it is.
Regards,
- Marcela.
01-13-2017 12:47 AM
Hi Marcela
We're using for version 9.4, any news for the release of 9.4.x to fix this vulnerability?
Thank you
Regards,
Ming Keat
01-13-2017 10:34 AM
Hi Ming,
Version 9.4.4 was released January 10th and it includes a fix for the vulnerabilities described on Bug Id CSCvb48640.
You may find the image under "Firewalls" section in Software Download for Security Products page:
https://software.cisco.com/download/navigator.html?mdfid=268438162&flowid=22661
Show your appreciation by rating content and mark question as answered if it is.
Regards,
-Marcela.
01-16-2017 03:50 AM
Thank you Marcela,
below update about 9.2 and 9.6 from Cisco
This software defect is not integrated in 9.2 version yet.
It will be resolved in software version 9.2.4.19
9.2.4.19 Will be release around 03/27/2017. Or you can upgrade to version 9.6.2.8 which is expected to release around 01/30/2017
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide