Re: Really basic question - Firmware for ASA5506 w/o contract

basiluk11 · ‎02-07-2019

So I have an ASA5506 running ASA9.7.1.4 . I know that it has vulnerabilities and would like to update to 7.9.2.152. But I dont have a contract - For this download my cisco login says "Additional Entitlement Required" - So how ca I patch this unit to protect my network please?

Francesco Molino · ‎02-07-2019

Hi

There's no official ways to upgrade your ASA software without any contracts. Even if yours has expired, you can buy a new contract for 1 year and be able to download/upgrade your asa os software.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

basiluk11 · ‎02-07-2019

Thanks.

Marvin Rhoads · ‎02-07-2019

Actually, if there's a published security advisory you may be eligible to get the patched software free of charge and without having a contract from Cisco.

You should call the TAC and have the security advisory number on hand to cite. They may give you some push back but stick to your rights and cite the language in the PSIRT. For example:

"Cisco has released free software updates that address the vulnerability described in this advisory. "

Source:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd

Francesco Molino · ‎02-07-2019

Didn't know that one :-) Thanks Marvin!

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question