03-15-2016 10:52 AM - edited 03-10-2019 11:34 PM
Hello,
Nessus scan shows our ACS appliance is vulnerable to CVE-2015-5600 . (OpenSSH MaxAuthTries Bypass.) I've spent a couple hours searching and can't figure what version of ACS we have to upgrade to in order to address this vulnerability. Can anyone help?
Solved! Go to Solution.
03-15-2016 11:17 AM
Hi Leroy,
Here is the bug link for this vulnerability:
https://tools.cisco.com/bugsearch/bug/CSCuw09481
The fix for this is in 5.6.0.22.4 (5.6 cumulative patch), please refer the below for your reference.
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-6/release/notes/acs_56_rn.html#pgfId-373806
Link to download this ACS version:
https://software.cisco.com/download/release.html?mdfid=286281502&flowid=73108&softwareid=282766937&release=5.6.0.22&relind=AVAILABLE&rellifecycle=&reltype=latest
Let me know if you have any further query.
Regards,
Aditya
Please rate helpful posts.
03-15-2016 11:17 AM
Hi Leroy,
Here is the bug link for this vulnerability:
https://tools.cisco.com/bugsearch/bug/CSCuw09481
The fix for this is in 5.6.0.22.4 (5.6 cumulative patch), please refer the below for your reference.
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-6/release/notes/acs_56_rn.html#pgfId-373806
Link to download this ACS version:
https://software.cisco.com/download/release.html?mdfid=286281502&flowid=73108&softwareid=282766937&release=5.6.0.22&relind=AVAILABLE&rellifecycle=&reltype=latest
Let me know if you have any further query.
Regards,
Aditya
Please rate helpful posts.
03-23-2016 02:27 AM
Hello Aditya!
I have the same problem with Nessus scan result but my ACS SW ver is 5.8.0.32.
I have not found confirmation in release notes that issue has been resolved.
Should I downgrade to 5.6.0.22.4?
03-15-2016 11:20 AM
Thank you! It appears my failure to locate this was because I was using this format:CVE-2015-5600, while cisco uses this format: CVE2015-5600. Doh!
03-15-2016 11:37 AM
Hi,
No problem.
Happy to help !!!!
Regards,
Aditya
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide