Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1181
Views
0
Helpful
6
Replies

Cisco Email Security Appliance Denial of Service Vulnerability

pbabu6001
Level 1
Level 1

‎09-21-2017 11:50 AM - edited ‎03-08-2019 07:24 PM

Our C670 appliance is running with version 9.7.1-066. Do I need to upgrade to next version?

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-esa

 

When I check for upgrades available for our appliance, then it is showing below versions:

9.7.2-131

9.7.2-065

11.0.0-264

11.0.0-105

10.0.0-203

 

Labels:
0 Helpful
6 Replies 6

Ken Stieers
VIP
VIP

‎09-21-2017 11:54 AM

If you want to be protected from this specific vulnerability, you need do need to upgrade.




0 Helpful

Libin Varghese
Cisco Employee
Cisco Employee

‎09-22-2017 05:33 AM

Hi,

 

The link provided has a defect ID which can be used to view the affected and fixed releases.

 

The link also has a table of fixed and affected releases in it.

 

Cisco AsyncOS ESA Software Major Release First Fixed Release for This Vulnerability
Prior to 8.5 Not Vulnerable
8.5 Not Vulnerable
9.0 Affected; migrate to 9.8.1 or 10.0.2-20 or later
9.1 Affected; migrate to 9.8.1 or 10.0.2-20 or later
9.5 Affected; migrate to 9.8.1 or 10.0.2-20 or later
9.6 Affected; migrate to 9.8.1 or 10.0.2-20 or later
9.7 Affected; migrate to 9.8.1 or 10.0.2-20 or later
9.8 9.8.1
10.0 10.0.2-020
11.0 Not Vulnerable 

 

Regards,

Libin Varghese

0 Helpful

pbabu6001
Level 1
Level 1
In response to Libin Varghese

‎09-22-2017 06:07 AM - edited ‎09-22-2017 06:08 AM

C670 is not showing 9.8.1 version.

 

When I check for upgrades available for our appliance, then it is showing below versions only:

9.7.2-131

9.7.2-065

11.0.0-264

11.0.0-105

10.0.0-203

0 Helpful

Libin Varghese
Cisco Employee
Cisco Employee
In response to pbabu6001

‎09-22-2017 06:40 AM

Async OS 9.8 is a FIPS release for goverment organizations who require Async OS with specific certifications.

 

For other customers you should upgrade to other available releases.

 

Release notes for all versions are available at:

https://www.cisco.com/c/en/us/support/security/email-security-appliance/products-release-notes-list.html

 

Note: You cannot upgrade from 9.8.0.x version to10.0.x release.

 

0 Helpful

pbabu6001
Level 1
Level 1
In response to Libin Varghese

‎09-28-2017 11:09 AM

Our C670 IronPorts running with 9.7 version and I can upgrade it to 10.0 version. But, the problem is CPU usage or performance of the IronPort. Currently, the CPU utilization is above 80%. 

Could you please suggest me basing on performance after upgraded to 10.0 version?

0 Helpful

Libin Varghese
Cisco Employee
Cisco Employee
In response to pbabu6001

‎10-03-2017 12:20 AM

You could start by looking at the System Capacity report under Monitor tab to see if the CPU is high due to load on the appliance at that time.

 

The command "status detail" should also give you a direction on that.

 

If the CPU is consistently high and you do not see the device under heavy load as per the reports I would recommend opening a TAC case to get that checked.

 

Regards,

Libin Varghese

0 Helpful
Customers Also Viewed These Support Documents