danielpc89
Beginner

CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 10

Which version is stable - 9.6.3.20 (Interim) or 9.6.4?

9.6.4 doesn't have the bug (SSL VPN), but 9.6.3.20 is suggested by Cisco.

7 REPLIES
Leo Laohoo
VIP Community Legend


@danielpc89 wrote:

9.6.4 doesn't have the bug (SSL VPN), but 9.6.3 is suggested by Cisco.


But 9.6(3) is vulnerable. The "gold star" has been there BEFORE the vulnerability was discovered.

I know that 9.6(3) is vulnerable, but 9.6.3.20 is not vulnerable.

Which version is preferred to upgrade to from 9.6.3.1: 9.6.3.20 (Interim) or 9.6.4?

Leo Laohoo
VIP Community Legend

No one knows your network better than you.
Read the Release Notes and make a judgement call.

@danielpc89 - Did you get an actual answer? 9.3.6.20 was the 'first fixed release' listed by Cisco and the release notes do list CSCvg35618 as a resolved defect. I just received a proactive notification email from Cisco that lists 9.6.4.3 as the first fixed release. However, the release notes for this version are still blank.
Leo Laohoo
VIP Community Legend


@lucasmarcel wrote:
However, the release notes for this version are still blank.

The people working in the Security area work at different "speed" compared to other areas, like documentation. 

The slides from the Recon Conference are now public and I imagine exploit tools are being created right now.

The PSIRT was updated today. 9.6(3.20) is no longer considered Fixed. For 9.6.x the First Fixed is now 9.6(4.3), see screenshot below. Hope this helps, Tim

[Screenshot: Cisco_Systems.jpg]

Thanks, I saw the update security notice after I posted and updated my firewalls to the recommended release.