Bug Search CSCva38556

zen-tek.tan
Level 1
Cisco ASA Input Validation File Injection Vulnerability
Below are my device details:
This platform has an ASA5585-SSP-20 VPN Premium license.
Serial Number: JAD173301HM
Cisco Adaptive Security Appliance Software Version 8.2(5)49 <context>
Device Manager Version 7.1(2)
How do I check if my ASA is exposed to this bug?
4 Replies

nspasov
Cisco Employee

It looks like this bug is listed to only affect 9.1(6.10); however, you are running a pretty old version of code that has tons of other vulnerabilities. There is an 8.2(5)59 interim update that you should consider moving to.

With that being said, it is a good idea to reach out to TAC and confirm 100% that your device and version of code are not affected by this specific defect.

I hope this helps!

Thank you for rating helpful posts!


+1 for upgrade recommendation. Still running 8.2.x in 2016 is not a good idea.

lewislampkin
Level 1

Update: 

You ask an excellent question, but the confusion is well apparent, as seen in another thread:

https://supportforums.cisco.com/discussion/13169031/cscva38556-cve-id-cve-2016-6461-known-fixed-releases

With that said, 9.5(3)6 was released on the 13th of December; it contains the fix for Bug CSCva38556, for the -x series models of the ASA:

http://www.cisco.com/web/software/280775065/135839/ASA-953-Interim-Release-Notes.html

(So, like others, I am confused why this version wasn't listed as "affected" by the bug, if it is going to receive the "fix" for the bug.)

I re-checked the bug to be sure, on 12/15/2016 (today), and it only lists 9.1(6)10 as a known affected release. (If so, then why is 9.5(3) receiving a "fix"?)

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCva38556

lewislampkin
Level 1

Update: 9.17(12) was released on 12/21/2016.

It resolves the issue for the X-series as well as the older series devices.

Revision:  Version 9.1(7)12 – 12/21/2016

Files:  asa917-12-smp-k8.bin, asa917-12-k8.bin

Defects resolved since 9.1(7)11:

CSCva38556

Cisco ASA Input Validation File Injection Vulnerability

http://www.cisco.com/web/software/280775065/131523/ASA-917-Interim-Relea...

Description: Cisco Adaptive Security Appliance Software for the ASA 5505, 5510, 5520, 5540, and ASA5550. Please read the Release Note prior to downloading this release.
Release: 9.1.7 Interim
Release Date: 21/Dec/2016
File Name: asa917-12-k8.bin
Size: 26.42 MB (27703296 bytes)
MD5 Checksum: 83cb9af376e5016fbcf8023c5c867335
SHA512 Checksum:
50b892a4ae28d9c099c67210d4e5d0ff1dc1ee7534c7853111dcb3ee20d3c5f317d29097edf6b4d36139226738009b0760d6c391a182fb8bd4ca20010e9b1ad3

Description: Cisco Adaptive Security Appliance Software for the ASA 5512-x, 5515-x, 5525-x, 5545-x, 5555-x, 5580, 5585-x, and ASASM. Please read the Release Note prior to downloading this release.
Release: 9.1.7 Interim
Release Date: 21/Dec/2016
File Name: asa917-12-smp-k8.bin
Size: 36.84 MB (38633472 bytes)
MD5 Checksum: aa279845c795d9ec728577405f44a744
SHA512 Checksum:
ed1bf84e8b7df2383c61a86e184aaa741b18a901895e794902d0eb770acf0f7d7187309d18955f3a243c1d572867308481f79b966579e713f52ff1381450707f

Cheers :/
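
Added example, not part of any post in this thread and not Cisco code: a Python check that parses ASA version strings in both spellings used above, 9.1(6)10 and 9.1(6.10), and compares a running version with the interim release the thread names as carrying the CSCva38556 fix for the same release train. The function names, the status labels, and the assumption that later releases within a train keep the fix are assumptions of this example; a "no-data" result means the thread names no fixed release for that train, which is the case where the advice above is to confirm with TAC.

```python
import re

# Interim releases that this thread reports as carrying the CSCva38556 fix,
# keyed by release train (major, minor). Taken from the posts above only.
FIXED_IN_THREAD = {(9, 1): "9.1(7)12", (9, 5): "9.5(3)6"}

# major.minor(maintenance)interim, or major.minor(maintenance.interim)
_VERSION = re.compile(r"^(\d+)\.(\d+)\((\d+)(?:\.(\d+))?\)(\d+)?$")


def parse_asa_version(text):
    """Return (major, minor, maintenance, interim) for an ASA version string.

    Accepts both spellings seen in the thread: 9.1(6)10 and 9.1(6.10).
    A missing interim number is treated as 0.
    """
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised ASA version: {text!r}")
    major, minor, maint, dotted, trailing = m.groups()
    if dotted and trailing:
        raise ValueError(f"two interim numbers in: {text!r}")
    interim = dotted or trailing or "0"
    return int(major), int(minor), int(maint), int(interim)


def fix_status(running):
    """Compare a running version with the fixed interim of the same train."""
    version = parse_asa_version(running)
    fixed = FIXED_IN_THREAD.get(version[:2])
    if fixed is None:
        return "no-data"  # train not mentioned in the thread: confirm with TAC
    # Assumption: later releases in the same train keep the fix.
    if version >= parse_asa_version(fixed):
        return "has-fix"
    # Not a vulnerability verdict, only "older than the release with the fix".
    return "predates-fix"


if __name__ == "__main__":
    # Constructed inputs: the poster's version plus versions named in the thread.
    for v in ("8.2(5)49", "9.1(6.10)", "9.1(7)12", "9.5(3)", "9.5(3)6"):
        print(f"{v:10} {fix_status(v)}")
```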
