Re: CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulne...

Kyujin Choi · ‎01-30-2018

Hi, I have two ASAs. (9.6.(1) and 9.4.(2)11). According to the article, I can see only three versions of ASA affected by this bug. Then can I ignore this bug since my ASAs do not have below versions? or do you recommend to upgrade ASA? Thanks.

Known Affected Releases:

(3)

9.2(4)

9.6(2)

9.8(1)

Tim Glen · ‎01-30-2018

Hello Kyujin,

You are running 9.6(1) and 9.6(2) is Known Affected. The Bug states 9.6(4) is Known Fixed. As 9.6(2) was affected the version you are running is affected as well.

Next, you are running 9.4(2.11) and 9.4(4.14) is Known Fixed. This ASA should be upgraded as well.

HTH, Please Rate.

Tim

Mohammed al Baqari · ‎01-30-2018

I just upgraded to 9.4.4.14 and went smooth.

johnlloyd_13 · ‎02-01-2018

hi,

i'm also going to do an ASA upggrade but don't see 9.4.4.14 on the download area.

would you be kind to post the software download cisco link?

4

9.4.4

9.4.3

9.4.2

9.4.1

3

9.3.3

9.3.2

9.3.1.SMP

edit - found it under interrim section

https://software.cisco.com/download/release.html?mdfid=284143129&flowid=&softwareid=280775065&release=9.4.4&relind=AVAILABLE&rellifecycle=&reltype=latest

jm.virtual01 · ‎01-31-2018

My ASA is running on 9.1(7)13, there is only three versions are listed on affected list..

i can't see in affected version list. Do i need to upgrade ?

Advice Please.

Tim Glen · ‎01-31-2018

Yes, you need to upgrade, the first fixed release in that code train is 9.1(7.20).

Regards

CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 1