Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1098
Views
0
Helpful
6
Replies

asa snmp vulnerability

Go to solution
rajmkcl
Level 1
Level 1

‎09-03-2016 05:56 AM - edited ‎03-12-2019 01:13 AM

Have asa 5525 running on version 8.6.1. On which version I can go supported on the device to fix recent snmp vulnerability.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
pradypan
Cisco Employee
Cisco Employee

‎09-03-2016 06:01 AM

Hi,

The fix for the vulnerability is been addressed in version 9.1.7.9 which is supported on the platform you are running on. Please find the below link regarding the vulnerability for your reference.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp

Regards
Pradyumna

View solution in original post

0 Helpful

Go to solution
pradypan
Cisco Employee
Cisco Employee
In response to rajmkcl

‎09-03-2016 06:08 AM

Hi,

Since you are running on version 8.6.1, you need to follow an upgrade path in order to move to version 9.1.7.9.

8.6.1 -> 9.0.4 -> 9.1.7.9

Also please find the release notes for 9.1.x version for your reference.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/release/notes/asarn91.html#pgfId-763574

For the HA, you can upgrade with a zero downtime. First upgrade the standby unit. Once done make it as Active unit and then proceed with other unit. (Remember to take a backup of configuration before proceeding with upgrade).

Please find the below document for you reference for upgrading Active/Standby failover pair.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/upgrade/upgrade91.html#pgfId-61610


Regards,
Pradyumna

View solution in original post

0 Helpful
6 Replies 6

Go to solution
pradypan
Cisco Employee
Cisco Employee

‎09-03-2016 06:01 AM

Hi,

The fix for the vulnerability is been addressed in version 9.1.7.9 which is supported on the platform you are running on. Please find the below link regarding the vulnerability for your reference.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp

Regards
Pradyumna

0 Helpful

Go to solution
rajmkcl
Level 1
Level 1
In response to pradypan

‎09-03-2016 06:03 AM

thanks for quick reply. I am having failover active standby, can I upgrade with no downtime. Is there any path I need to go for upgrade.

0 Helpful

Go to solution
pradypan
Cisco Employee
Cisco Employee
In response to rajmkcl

‎09-03-2016 06:08 AM

Hi,

Since you are running on version 8.6.1, you need to follow an upgrade path in order to move to version 9.1.7.9.

8.6.1 -> 9.0.4 -> 9.1.7.9

Also please find the release notes for 9.1.x version for your reference.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/release/notes/asarn91.html#pgfId-763574

For the HA, you can upgrade with a zero downtime. First upgrade the standby unit. Once done make it as Active unit and then proceed with other unit. (Remember to take a backup of configuration before proceeding with upgrade).

Please find the below document for you reference for upgrading Active/Standby failover pair.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/upgrade/upgrade91.html#pgfId-61610


Regards,
Pradyumna

0 Helpful

Go to solution
rajmkcl
Level 1
Level 1
In response to pradypan

‎09-03-2016 06:09 AM

ahh...got it. thanks.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to rajmkcl

‎09-03-2016 08:21 AM

Double check your current version. 8.6(1) is not available on 5520 platform. The 8.6 release was specific to Saleen hardware (X series).

Perhaps you mean 8.4(1).

0 Helpful

Go to solution
rajmkcl
Level 1
Level 1
In response to Marvin Rhoads

‎09-03-2016 09:28 AM

Thanks Marvin, Yes I mis-typed, I mean for 5525.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card