@Seb Rupik wrote:
Hi there,
Cisco will not issue you software without a service contract unless you can show them that the version you are using has some published vulnerability.
What version of ASA-OS are you running. It you are using ASDM 7.5.1 then it must be relatively old, so a good chance you would be affected by this vulnerability:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa
Note at the bottom of the page the section Customers Without Service Contracts
Follow those steps. Make you you ask them to also provide a compatible version of ASDM.
cheers,
Seb.
Hi Seb,
Many thanks for your feedback.
We have new Cisco ASA. When this was compiled actually by Cisco, because if this is old version then update should be provided by Cisco for free as they know some bugs are there in old version.
ciscoasa# show version
Cisco Adaptive Security Appliance Software Version 9.5(1)
Device Manager Version 7.5(1)
Compiled on Wed 12-Aug-15 12:18 PDT by builders
System image file is "disk0:/asa951-lfbff-k8.spa"
Config file at boot was "startup-config"
ciscoasa up 1 day 18 hours
Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
Internal ATA Compact Flash, 8192MB
@BIOS Flash unknown @ 0x0, 0KB
Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
Number of accelerators: 1
