cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
842
Views
5
Helpful
5
Replies
Highlighted
Beginner

CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 1

 

Hi, I have two ASAs. (9.6.(1) and 9.4.(2)11). According to the article, I can see only three versions of ASA affected by this bug. Then can I ignore this bug since my ASAs do not have below versions? or do you recommend to upgrade ASA? Thanks. 

 

Known Affected Releases:
(3)
9.2(4)
9.6(2)
9.8(1)
5 REPLIES 5
Highlighted
Beginner

Re: CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 1

Hello Kyujin,

 

You are running 9.6(1) and 9.6(2) is Known Affected. The Bug states 9.6(4) is Known Fixed. As 9.6(2) was affected the version you are running is affected as well.

 

Next, you are running 9.4(2.11) and 9.4(4.14) is Known Fixed. This ASA should be upgraded as well. 

 

 

HTH, Please Rate. 

 

Tim

Highlighted
VIP Advisor

Re: CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 1

I just upgraded to 9.4.4.14 and went smooth.
Highlighted
Engager

Re: CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 1

hi,

i'm also going to do an ASA upggrade but don't see 9.4.4.14 on the download area.

would you be kind to post the software download cisco link?

9.4.4 
9.4.3
9.4.2
9.4.1
Highlighted
Beginner

Re: CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 1

My ASA is running on 9.1(7)13, there is only three versions are listed on affected list..

i can't see in affected version list. Do i need to upgrade ?

Advice Please.

Highlighted
Beginner

Re: CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 1

Yes, you need to upgrade, the first fixed release in that code train is 9.1(7.20).

 

Regards