Beginner

CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 10

Which version is stable - 9.6.3.20 (Interim) or 9.6.4?

9.6.4 doesn't have the bug (SSL VPN), but 9.6.3.20 is suggested by Cisco.

7 REPLIES
Hall of Fame Community Legend

@danielpc89 wrote:

9.6.4 doesn't have the bug (SSL VPN), but 9.6.3 is suggested by Cisco.


But 9.6(3) is vulnerable. The "gold star" has been there BEFORE the vulnerability was discovered.

Beginner

I know that 9.6.(3) is vulnerable but 9.6.3.20 is not vulnerable.

Which version is preferred for an upgrade from 9.6.3.1: 9.6.3.20 (Interim) or 9.6.4?

Hall of Fame Community Legend

No one knows your network better than you.
Read the Release Notes and make a judgement call.
Beginner

@danielpc89 - Did you get an actual answer? 9.3.6.20 was the 'first fixed release' listed by Cisco and the release notes do list CSCvg35618 as a resolved defect. I just received a proactive notification email from Cisco that lists 9.6.4.3 as the first fixed release. However, the release notes for this version are still blank.
Hall of Fame Community Legend

@lucasmarcel wrote:
However, the release notes for this version are still blank.

The people working in the Security area work at a different "speed" compared to other areas, like documentation.

Beginner

The slides from the Recon Conference are now public and I imagine exploit tools are being created right now.

The PSIRT was updated today. 9.6(3.20) is no longer considered Fixed. For 9.6.x the First Fixed is now 9.6(4.3), see screenshot below. Hope this helps, Tim

[Screenshot: Cisco_Systems.jpg]

Beginner

Thanks, I saw the updated security notice after I posted and updated my firewalls to the recommended release.
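
Added example, not part of any post in the thread and not Cisco code: a Python check that normalises the version notations used above and compares them with the 9.6.x First Fixed value quoted in the thread, 9.6(4.3). It assumes versions within one train compare component by component; the hostnames are constructed, and other trains are left out because the page gives no First Fixed value for them.

```python
import re

# First Fixed for the 9.6 train as quoted in the thread: 9.6(4.3).
# Other trains are not given on the page, so they are intentionally absent.
FIRST_FIXED = {(9, 6): (9, 6, 4, 3)}


def parse_asa_version(text):
    """Normalise an ASA version string to a 4-tuple of ints.

    Handles the notations seen in the thread: 9.6.3.20, 9.6(3.20),
    9.6(3)20, 9.6.(3), 9.6(3) and 9.6.4. Missing parts count as 0.
    """
    cleaned = text.strip()
    nums = [int(n) for n in re.findall(r"\d+", cleaned)]
    if not re.fullmatch(r"[\d.()]+", cleaned) or not 2 <= len(nums) <= 4:
        raise ValueError(f"unrecognised ASA version: {text!r}")
    return tuple(nums + [0] * (4 - len(nums)))


def assess(text):
    """Compare one version with the First Fixed release of its train."""
    version = parse_asa_version(text)
    fixed = FIRST_FIXED.get(version[:2])
    if fixed is None:
        return "unknown train, check the advisory"
    # Assumption: component-wise numeric ordering within a train.
    return "at or above first fixed" if version >= fixed else "below first fixed"


# Constructed inventory: hostnames are made up, versions are those
# discussed in the thread.
SAMPLE_INVENTORY = {
    "fw-a": "9.6.3.1",
    "fw-b": "9.6(3.20)",
    "fw-c": "9.6.4",
    "fw-d": "9.6(4.3)",
}


def audit(inventory):
    """Return a host -> verdict mapping for the whole inventory."""
    return {host: assess(version) for host, version in inventory.items()}


if __name__ == "__main__":
    for host, verdict in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {SAMPLE_INVENTORY[host]} -> {verdict}")
```

Re-run the check whenever the advisory's First Fixed table changes, as it did during this thread.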