08-30-2016 02:16 AM - edited 03-10-2019 12:42 AM
Hello,
I have cisco ASA device with versions 9.1(5)21 and 9.1(6)11.
When analizing at Cisco Security Advisory the information is not 100% clear.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp
First on the table in there 9.1 has 9.1.7 (9) has First Fixed Release but does not state Affected like others.
When going to the bug itself:
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCva92151
It shows only 8.2(5) as Known Affected Releases.
To conclude, having versions .1(5)21 and 9.1(6)11 on ASA device do I need to upgrade in order to avoid SNMP vulnerability?
Many thanks in advance
Solved! Go to Solution.
08-30-2016 08:02 PM
Hi Bmaferreira,
All the version beside the one showing up as fixed are affected, so if you see the table of affected releases you can see they have a line for major release and then they show you the fixed version so any version on the 9.1 path besides the 9.1.7.9 is affected. At the end the bug is only informative since we have the Cisco advisory that actually explains the vulnerability and gives you the Fixed Releases table.
Hope this info helps!!
Rate if helps you!!
-JP-
08-30-2016 08:02 PM
Hi Bmaferreira,
All the version beside the one showing up as fixed are affected, so if you see the table of affected releases you can see they have a line for major release and then they show you the fixed version so any version on the 9.1 path besides the 9.1.7.9 is affected. At the end the bug is only informative since we have the Cisco advisory that actually explains the vulnerability and gives you the Fixed Releases table.
Hope this info helps!!
Rate if helps you!!
-JP-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide