08-18-2016 05:40 AM
Does anyone has an idea about the progress for the bug fund in open ssl.
This product includes a version of OpenSSL that is affected by the vulnerability identified by one or more of the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2016-2108 CVE-2016-2107 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuz52363
Solved! Go to Solution.
08-18-2016 06:45 AM
Hi Govind,
Unfortunately there is no workaround available to mitigate against this vulnerability at this time however from above mentioned defect page, you can click on "Add Notification" to receive updates via notifications email regarding status changes of this defect. This will allow you to know the workaround or when there has been a fixed version of AsyncOS released.
Regards,
Mohit Soni
08-18-2016 06:45 AM
Hi Govind,
Unfortunately there is no workaround available to mitigate against this vulnerability at this time however from above mentioned defect page, you can click on "Add Notification" to receive updates via notifications email regarding status changes of this defect. This will allow you to know the workaround or when there has been a fixed version of AsyncOS released.
Regards,
Mohit Soni
10-24-2016 10:39 AM
Hi guys!
some progress?
Regards,
Vinicius Reis
10-24-2016 12:13 PM
Vinicius,
As per the below link
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl
Async OS 10.5 for Cisco Email Security Appliance would carry a fix and current ETA is Dec 2016.
Thanks
Libin Varghese
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide