cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
428
Views
5
Helpful
2
Replies

CSCvh20742 - Cisco Adaptive Security Appliance Clientless SSL VPN Cross-Site Scripting Vulnerability

Could someone confirm is version 9.1(7-23) affected or not, please.

2 REPLIES 2
Beginner

Re: CSCvh20742 - Cisco Adaptive Security Appliance Clientless SSL VPN Cross-Site Scripting Vulnerability

Bug ID shows 9.1(7.25) as known fixed release so i would guess 9.1(7)23 is vulnerable.

 

 

Re: CSCvh20742 - Cisco Adaptive Security Appliance Clientless SSL VPN Cross-Site Scripting Vulnerability

But this bug is not included in release note for 9.1(7). More over 9.1 is not added in "Known Affected Releases:" in bug.

 

Revision: Version 9.1(7)25 – 03/20/2018

Files: asa917-25-smp-k8.bin, asa917-25-k8.bin

Defects resolved since 9.1(7)23:

 

CSCva92997

9.7.1 traceback in snp_fp_qos

CSCvh90947

ASA traceback with Thread Name: fover_parse

 

 

Revision: Version 9.1(7)23 – 02/03/2018

Files: asa917-23-smp-k8.bin, asa917-23-k8.bin

Defects resolved since 9.1(7)21:

 

CSCvh79732

Cisco Adaptive Security Appliance Denial of Service Vulnerability

CSCvh81870

Memory leak in IKE for aggregate-auth

 

 

Revision: Version 9.1(7)21 – 01/05/2018

....

 

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards