Solved: Thank You Sir. vrian

vrian_colaba · ‎09-07-2016

Is this version Cisco Adaptive Security Appliance Software Version 9.6(1)5 is affected by Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability and Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability

JP Miranda Z · ‎09-08-2016

Hi vrian_colaba,

You can take a look to this cisco advisory link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp

Fixed Releases

Cisco ASA Major Release	First Fixed Release
7.2	Affected; migrate to 9.1.7(9) or later
8.0	Affected; migrate to 9.1.7(9) or later
8.1	Affected; migrate to 9.1.7(9) or later
8.2	Affected; migrate to 9.1.7(9) or later
8.3	Affected; migrate to 9.1.7(9) or later
8.4	Affected; migrate to 9.1.7(9) or later
8.5	Affected; migrate to 9.1.7(9) or later
8.6	Affected; migrate to 9.1.7(9) or later
8.7	Affected; migrate to 9.1.7(9) or later
9.0	9.0.4(40)
9.1	9.1.7(9)
9.2	9.2.4(14)
9.3	9.3.3(10)
9.4	9.4.3(8) ETA 8/26/2016
9.5	9.5(3) ETA 8/30/2016
9.6 (FTD)	9.6.1(11) / FTD 6.0.1(2)
9.6 (ASA)	9.6.2

9.6(1)5 is not part of the fixed releases, that means is affected for the SNMP Remote Code Execution Vulnerability.

About Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability you can also take a look to this cisco advisory link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli

Fixed Releases

The following table indicates the earliest software releases that include fixes for this vulnerability (9.6 is not affected)

Cisco ASA Major Release	First Fixed Release
7.2	Affected, migrate to 8.4(3) or later
8.0	Affected, migrate to 8.4(3) or later
8.1	Affected, migrate to 8.4(3) or later
8.2	Affected, migrate to 8.4(3) or later
8.3	Affected, migrate to 8.4(3) or later
8.4	8.4(3)
8.5	Affected, migrate to 9.0(1) or later
8.6	Affected, migrate to 9.0(1) or later
8.7	Affected, migrate to 9.0(1) or later
9.0	9.0(1)
9.1	Not affected
9.2	Not affected
9.3	Not affected
9.4	Not affected
9.5	Not affected
9.6	Not affected

Hope this info helps!!

Rate if helps you!!

-JP-

View solution in original post

JP Miranda Z · ‎09-08-2016

Hi vrian_colaba,

You can take a look to this cisco advisory link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp

Fixed Releases

Cisco ASA Major Release	First Fixed Release
7.2	Affected; migrate to 9.1.7(9) or later
8.0	Affected; migrate to 9.1.7(9) or later
8.1	Affected; migrate to 9.1.7(9) or later
8.2	Affected; migrate to 9.1.7(9) or later
8.3	Affected; migrate to 9.1.7(9) or later
8.4	Affected; migrate to 9.1.7(9) or later
8.5	Affected; migrate to 9.1.7(9) or later
8.6	Affected; migrate to 9.1.7(9) or later
8.7	Affected; migrate to 9.1.7(9) or later
9.0	9.0.4(40)
9.1	9.1.7(9)
9.2	9.2.4(14)
9.3	9.3.3(10)
9.4	9.4.3(8) ETA 8/26/2016
9.5	9.5(3) ETA 8/30/2016
9.6 (FTD)	9.6.1(11) / FTD 6.0.1(2)
9.6 (ASA)	9.6.2

9.6(1)5 is not part of the fixed releases, that means is affected for the SNMP Remote Code Execution Vulnerability.

About Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability you can also take a look to this cisco advisory link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli

Fixed Releases

The following table indicates the earliest software releases that include fixes for this vulnerability (9.6 is not affected)

Cisco ASA Major Release	First Fixed Release
7.2	Affected, migrate to 8.4(3) or later
8.0	Affected, migrate to 8.4(3) or later
8.1	Affected, migrate to 8.4(3) or later
8.2	Affected, migrate to 8.4(3) or later
8.3	Affected, migrate to 8.4(3) or later
8.4	8.4(3)
8.5	Affected, migrate to 9.0(1) or later
8.6	Affected, migrate to 9.0(1) or later
8.7	Affected, migrate to 9.0(1) or later
9.0	9.0(1)
9.1	Not affected
9.2	Not affected
9.3	Not affected
9.4	Not affected
9.5	Not affected
9.6	Not affected

Hope this info helps!!

Rate if helps you!!

-JP-

vrian_colaba · ‎09-12-2016

Thank You Sir.

vrian