cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
939
Views
5
Helpful
5
Replies
Kyujin Choi
Beginner

CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 1

 

Hi, I have two ASAs. (9.6.(1) and 9.4.(2)11). According to the article, I can see only three versions of ASA affected by this bug. Then can I ignore this bug since my ASAs do not have below versions? or do you recommend to upgrade ASA? Thanks. 

 

Known Affected Releases:
(3)
9.2(4)
9.6(2)
9.8(1)
5 REPLIES 5
Tim Glen
Beginner

Hello Kyujin,

 

You are running 9.6(1) and 9.6(2) is Known Affected. The Bug states 9.6(4) is Known Fixed. As 9.6(2) was affected the version you are running is affected as well.

 

Next, you are running 9.4(2.11) and 9.4(4.14) is Known Fixed. This ASA should be upgraded as well. 

 

 

HTH, Please Rate. 

 

Tim

I just upgraded to 9.4.4.14 and went smooth.

hi,

i'm also going to do an ASA upggrade but don't see 9.4.4.14 on the download area.

would you be kind to post the software download cisco link?

9.4.4 
9.4.3
9.4.2
9.4.1

My ASA is running on 9.1(7)13, there is only three versions are listed on affected list..

i can't see in affected version list. Do i need to upgrade ?

Advice Please.

Yes, you need to upgrade, the first fixed release in that code train is 9.1(7.20).

 

Regards