08-22-2019 08:11 AM - edited 02-21-2020 09:25 AM
Hello,
The Firepower with Fxos V 2.3(1.91) has been reported with the following vulnerability on port 443
Fix suggested is to upgrade Apache Server to latest version. How can i achieve this ?
Thanks
Solved! Go to Solution.
08-25-2019 05:11 AM
You would upgrade the FXOS only for this particular bug.
The procedure is described here:
For an HA pair, upgrade the standby unit first and verify it works. Then failover to make it active and then upgrade the other unit. Finally failover once again to come back to the "Primary - Active" and "Secondary - Standby Ready" normal state.
08-22-2019 08:44 AM - edited 08-22-2019 08:46 AM
BugID CSCvj48872 applies:
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj48872/?rfs=iqvred
The FXOS release notes indicate FXOS 2.3.1.88 contains the fix:
https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/fxos231/release/notes/fxos231_rn.html
It may have cropped back up in 2.3.1.91 but it should be fixed in the current 2.3.1.155 or the later 2.5.x/2.6.x trains.
So upgrade the FXOS firmware for Firepower 4100 and 9300 series.
If you have Firepower 2100 series appliances with FTD, the FXOS firmware is embedded in the FTD image.
08-24-2019 08:44 AM
08-25-2019 05:11 AM
You would upgrade the FXOS only for this particular bug.
The procedure is described here:
For an HA pair, upgrade the standby unit first and verify it works. Then failover to make it active and then upgrade the other unit. Finally failover once again to come back to the "Primary - Active" and "Secondary - Standby Ready" normal state.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide