Re: SNTC upload has device firmware information but, it fails to displ

Jnowakowski1 · ‎02-07-2023

CSPC 2.10

ASA5506 with SNMP RO string and read-only SSH access collection pulls successfully and uploads, i can see the firmware information in the collector logs but, SNTC doesn't display it and still shows security advisories.

CSPC runs a "show module"

# sh module

Mod Card Type Model Serial No.
---- -------------------------------------------- ------------------ -----------
1 ASA 5506-X with FirePOWER services, 8GE, AC, ASA5506
sfr FirePOWER Services Software Module ASA5506

Mod MAC Address Range Hw Version Fw Version Sw Version
---- --------------------------------- ------------ ------------ ---------------
1 00fe.c841.xxxx to 00fe.c841.xxxx 2.1 1.1.15 9.8(4)29

The firmware version is there.

The device still shows as vulnerable for https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot , although it has the correct firmware version.

SNTC should only show security advisories that apply to the collected devices correct? Perhaps SNTC is expecting the firmware information from another command?

How does SNTC grab the Firmware version? is there a specific command or?

vivekcha@cisco.com · ‎02-08-2023

Hello,

Hope you are you doing well!
We are looking into the issue you posted and get back to you with an update.

Thanks & Regards,
Vivek Chauhan

vivekcha@cisco.com · ‎02-09-2023

Hi Jonathan,

Please PM me the following details to check further:

Company name:
User's cco id:
Inventory name:
Serial number and PID of the mentioned device for which you want to see firmware information:

Thanks & Regards,
Vivek Chauhan

SNTC upload has device firmware information but, it fails to display