Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
863
Views
5
Helpful
4
Replies

ACS

Go to solution
Leroy Plock
Level 1
Level 1

‎03-15-2016 10:52 AM - edited ‎03-10-2019 11:34 PM

Hello,

Nessus scan shows our ACS appliance is vulnerable to CVE-2015-5600 . (OpenSSH MaxAuthTries Bypass.) I've spent a couple hours searching and can't figure what version of ACS we have to upgrade to in order to address this vulnerability. Can anyone help?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-15-2016 11:17 AM

Hi Leroy,

Here is the bug link for this vulnerability:


https://tools.cisco.com/bugsearch/bug/CSCuw09481

The fix for this is in 5.6.0.22.4 (5.6 cumulative patch), please refer the below for your reference.

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-6/release/notes/acs_56_rn.html#pgfId-373806

Link to download this ACS version:

https://software.cisco.com/download/release.html?mdfid=286281502&flowid=73108&softwareid=282766937&release=5.6.0.22&relind=AVAILABLE&rellifecycle=&reltype=latest

Let me know if you have any further query.

Regards,

Aditya

Please rate helpful posts.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-15-2016 11:17 AM

Hi Leroy,

Here is the bug link for this vulnerability:


https://tools.cisco.com/bugsearch/bug/CSCuw09481

The fix for this is in 5.6.0.22.4 (5.6 cumulative patch), please refer the below for your reference.

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-6/release/notes/acs_56_rn.html#pgfId-373806

Link to download this ACS version:

https://software.cisco.com/download/release.html?mdfid=286281502&flowid=73108&softwareid=282766937&release=5.6.0.22&relind=AVAILABLE&rellifecycle=&reltype=latest

Let me know if you have any further query.

Regards,

Aditya

Please rate helpful posts.

0 Helpful

Go to solution
Adam Kedzierski
Level 1
Level 1
In response to Aditya Ganjoo

‎03-23-2016 02:27 AM

Hello Aditya!

I have the same problem with Nessus scan result but my ACS SW ver is 5.8.0.32.

I have not found confirmation in release notes that issue has been resolved.

Should I downgrade to 5.6.0.22.4?

0 Helpful

Go to solution
Leroy Plock
Level 1
Level 1

‎03-15-2016 11:20 AM

Thank you! It appears my failure to locate this was because I was using this format:CVE-2015-5600, while cisco uses this format: CVE2015-5600. Doh!

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee
In response to Leroy Plock

‎03-15-2016 11:37 AM

Hi,

No problem.

Happy to help !!!!

Regards,

Aditya

0 Helpful
Customers Also Viewed These Support Documents