05-19-2021 04:42 PM
The Python that is installed, is on version 2.6.4, which is end of life and not supported anymore, so it flags in vulnerability scans. Is there any plans for the ESAs to use a supported or latest (3.8) version of Python?
Solved! Go to Solution.
05-19-2021 08:18 PM
Currently planned Python 3.x in ESA 15.0, exact version details are still being worked out.
05-19-2021 05:26 PM
05-19-2021 05:46 PM
Tenable.sc. The ESA is flagging on this plugin/vuln: https://www.tenable.com/plugins/nessus/148367
05-19-2021 05:59 PM
Cisco continue to fix CVE that reported until the Python is upgrade to version 3.0
05-19-2021 05:57 PM
Python upgrade to 3.0 is planned as part of 15.0 release
05-19-2021 06:49 PM
Do you mean 3.6? Anything before 3.6 is end of life.
05-19-2021 08:18 PM
Currently planned Python 3.x in ESA 15.0, exact version details are still being worked out.
05-19-2021 09:01 PM
Thanks. Do you know when ESA 15.0 is expected to release?
05-20-2021 03:21 AM
Not sure, based on previous releases, ESA15.0 expected to be released in Dec or Jan or Feb
07-13-2021 10:39 AM
So just to be sure I'm understanding this correctly ... Cisco is running an outdated version of Python that is no longer supported (this fact should have been known for some time if SDLC principles were being applied) and is not planning on fixing this until December?
07-14-2021 06:18 AM
I have posted the following Blog as well - https://community.cisco.com/t5/security-blogs/python-on-secure-email-vulnerability-concerns-july-2021/ba-p/4433037
Please see here for more information.
05-20-2021 05:11 AM
05-20-2021 01:07 PM - edited 05-21-2021 06:05 AM
Thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide