Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1192
Views
0
Helpful
3
Replies

ASA5512 Failing PCI compliance CVE-2016-2183

murraymwps
Level 1
Level 1

‎12-02-2016 12:52 PM - edited ‎03-12-2019 01:37 AM

Does anyone have any ideas on a workaround for failing CVE-2016-2183. Cisco published the vulnerability back in September but hasn't come up with a workaround or fix.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl

I'm running an ASA 5512 ver 9.3(2). We've failed PCI compliance twice now.

thanks,

-mike

Labels:
0 Helpful
3 Replies 3

Oliver Kaiser
Level 7
Level 7

‎12-02-2016 01:45 PM

There is no workaround at the moment. Internal development builds seem to be fixed, but there has been no update on when fixed releases will be released.

To keep track of this you might wanna subscribe to the bug CSCvb48640

0 Helpful

murraymwps
Level 1
Level 1
In response to Oliver Kaiser

‎12-09-2016 06:36 AM

Looks like a fix has just been released but I can't find these software versions to download. From the bug search page:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvb48640?emailclick=CNSemail

...the following are known fixed releases:

9.1(7.12)
97.1(0.95)
97.1(0.96)
97.1(12.8)
97.1(6.43)
98.1(1.15)
98.1(1.16)
98.1(10.16)
98.1(11.3)
98.1(2.26)
98.1(2.27)
I can't see where to download 97.x or 98.x. I see 9.6 as the highest version. Are these typos?
0 Helpful

Oliver Kaiser
Level 7
Level 7
In response to murraymwps

‎12-09-2016 06:38 AM

Those are internal development builds. We will have to wait for QA to finish testing before they are being released.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card