The bug I referenced above is a high severity and I happen to have an old end of life ASA 5520 that shows on the "Products confirmed not vulnerable" list. My general concern is that I ran the "show asp table socket | i SSL|DTLS" command and got a similar output showing that it could be vulnerable.
Just wanted to get someone else's opinion on it. Again this ASA is end of life and it's being decommissioned once we migrate everything that it's doing off to the new firewall. Appreciate any info.
# sh ver
Cisco Adaptive Security Appliance Software Version 9.1(7)23
As noted in the Security Advisory, "This vulnerability applies only to the ASA hardware platforms that use a specific cryptographic driver for SSL and TLS packet decryption and encryption."
The vulnerable products (ASA 5506, 5508 and 5516 series) all have a common cryptographic driver due to their use of a chipset (Cavium Octeon III 7130) unique to that hardware.
Ironically that chipset is intended to make the hardware platforms MORE secure. That is coincidentally why they all use the unique images with the "lfbff" string in the image name indicating digitally signed and verified images.
Enable full visibilityCreating first policy setUnderstanding ISE Live Logs statusUnderstanding ISE Live Sessions Status
These are few tips that will help you with your first deployment of ISE. For advanced tips, please visit: https://community.cis...
This guide helps in troubleshooting the IBM QRadar pxGrid App. It is assumed that the ISE pxGrid App has already been installed in QRadar. The official IBM QRadar pxGrid App How-to Guide can be downloaded from: https://exchange.xforce.ibmcloud.com/...
Join us live on Tuesday, July 16 at 10 am PT to learn how integration and automation are the key to successful security designs. We’ll answer questions about Threat Response and also do a quick demo of our browser plugin and our latest integration wi...
Hello and welcome to the repository for the Monthly Webinar Series put together by our Desert Plains Operation Security Architecture team.
Our sessions are NOT recorded -- however you'll find historical slide decks attached as well as futu...
In June we have had new additions to our growing list of Machine-Learning-powered Confirmed Threat detections provided by the Cognitive Intelligence engine. Thanks to the improvement made to our Machine Learning backend (see Machine Learning Backend Impro...