Current AsyncOS Version:14.0.0-692 Security Scan reporting FreeBSD 10.4

smithmj29 · ‎06-01-2021

We are utilizing Nessus security scanner and it is reporting the following. When will this be upgraded? We are on the latest release of Cisco Code Current AsyncOS Version:14.0.0-692

<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>.

Description
According to its self-reported version number, the Unix operating system running on the remote host is no longer supported.

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.
Solution
Upgrade to a version of the Unix operating system that is currently supported.
Output
FreeBSD 10.4 support ended on 2018-10-31.
Upgrade to FreeBSD 11.4 / 12.2.

svgeorgi · ‎06-01-2021

Please note that FreeBSD under AsyncOS is not the typical version you can freely download from Internet. It's heavily modified, patched and supported by Cisco. Version of FreeBSD is upgraded usually with major releases of AsyncOS to accommodate the needed changes/resources of the upgraded OS.

smithmj29 · ‎06-03-2021

Thanks for the clarification .

SriramV · ‎06-01-2021

We do, however, continue to encourage customers to send their vulnerability concerns, if any, to PSIRT:

https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html

PSIRT will work directly with the affected products and Engineering to assure that concerns are reviewed and addressed promptly.