Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2661
Views
0
Helpful
7
Replies

CSCvw79912 - Cisco Adaptive Security Device Manager Remote Code Execution Vulnerability

AustinHarsh2908
Level 1
Level 1

‎07-09-2021 09:43 AM

So....

Is ASDM version 7.16.1.150 not vulnerable then? It says that 7.16.1.77 is vulnerable, I'm assuming that's the 7.16.1 download, we just don't see the last version number. What about 7.15.1.150? Is that vulnerable or not? I'm assuming at this point, it IS vulnerable, but I don't know.

 

Also, the adversary page is confusing since it lists 9.16.1 as vulnerable, but that's not a ASDM version number from what I can tell.

 

Thanks

5 people had this problem
Labels:
0 Helpful
7 Replies 7

jaguillou
Level 1
Level 1

‎07-13-2021 12:51 PM

advisory says "At the time of publication, this vulnerability affected Cisco ASDM releases 7.16(1.150) and earlier."  Your download site has nothing newer than 7.16(1.150) so what do we do?

You need to really work on your advisories and offer software that resolves the issue.

Highest version offered is 7.16(150) which says its vulnerable.

0 Helpful

AustinHarsh2908
Level 1
Level 1
In response to jaguillou

‎07-13-2021 01:57 PM

Ah, so it looks like they updated the advisory page to make it clear. In this case, we just need to wait. Cisco should release an updated ASDM within the next few weeks.

0 Helpful

mcnuttj
Level 1
Level 1
In response to jaguillou

‎09-09-2021 05:27 AM

I agree that the bug report could be more clear.  The bug report has half of the information and the advisory has the other half, making it so that both have to be checked and updated.  Seems kludgy to me.

 

That said, there isn't always a software upgrade that will fix the problem.  The version numbers don't entirely make sense to me - comparing what's in the Affected Versions list and what's available to download - but I can see that "Known Fixed Releases" has zero entries.  That means it isn't fixed yet.

 

They say there are no workarounds, but that's not true.  ASDM could be removed from the ASA, if there was a credible danger of a MITM attack between your admins and the firewall.  There's very little danger of that on my network, and we rarely launch ASDM anyway, but that IS a possibility.

 

I'm glad they put out these notices for things that are vulnerable, even if there isn't a fix yet.  I need to know where my weaknesses are.

0 Helpful

NguyenRicky78656
Level 1
Level 1

‎07-19-2021 11:51 PM

May I know if 7.12 (2) is affected too?

As listed 


Known Affected Releases: (3)
7.14(1.46)
7.15(1.86)
7.16(1.77)

0 Helpful

mcnuttj
Level 1
Level 1
In response to NguyenRicky78656

‎09-09-2021 05:54 AM

The last release for 7.12 was in 2019.  It's likely not being maintained any more.  If I were you, I'd put a more recent version on there anyway.

0 Helpful

NguyenRicky78656
Level 1
Level 1

‎09-14-2021 10:40 PM

Hello,

 

Does anyone able to access this link as mentioned by Cisco, fixed version is planned and detail in it

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw79912

 

Fixed Releases

At the time of publication, Cisco planned to fix this vulnerability in Cisco ASDM. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information

Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asdm-rce-gqjShXW

Thank you

0 Helpful

AustinHarsh2908
Level 1
Level 1
In response to NguyenRicky78656

‎09-23-2021 01:54 PM

Yeah, they've updated it:

 

Known Fixed Releases:
(2)
7.17(1.76)
7.17(1.75)
 
Doesn't look like it's out just yet, hopefully soon.
0 Helpful
Customers Also Viewed These Support Documents