Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1993
Views
10
Helpful
1
Replies

Cisco Adaptive Security Device Manager Remote Code Execution VULN

Go to solution
kyojuro112
Level 1
Level 1

‎01-03-2022 04:06 PM

Our Cisco ASA Devices (ASA 5515 Security Plus)
have been flagged for CVE-2021-1585 bug with high priority. I could not yet find any sources to resolve this issue.
Anyone here know how to fix? 
The CVE literally says no workaround for this. 
 
Below is the info that we have for our ASA. 
 

ASA 5515 Security Plus
Cisco Adaptive Security Appliance Software Version 9.9(2)
Firepower Extensible Operating System Version 2.3(1.84)

ASDM Version: 7.9(2)
ASA Version: 9.9(2)

Encryption: 3DES-AES

Preview file
155 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎01-03-2022 04:31 PM

This is the Security Bulletin:  Cisco Adaptive Security Device Manager Remote Code Execution Vulnerability

There is no workaround available. 
The only fix is to upgrade the affected firmware.

 

View solution in original post

1 Reply 1

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎01-03-2022 04:31 PM

This is the Security Bulletin:  Cisco Adaptive Security Device Manager Remote Code Execution Vulnerability

There is no workaround available. 
The only fix is to upgrade the affected firmware.

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents