02-07-2023 10:24 AM
CSPC 2.10
ASA5506 with SNMP RO string and read-only SSH access collection pulls successfully and uploads, i can see the firmware information in the collector logs but, SNTC doesn't display it and still shows security advisories.
CSPC runs a "show module"
# sh module
Mod Card Type Model Serial No.
---- -------------------------------------------- ------------------ -----------
1 ASA 5506-X with FirePOWER services, 8GE, AC, ASA5506
sfr FirePOWER Services Software Module ASA5506
Mod MAC Address Range Hw Version Fw Version Sw Version
---- --------------------------------- ------------ ------------ ---------------
1 00fe.c841.xxxx to 00fe.c841.xxxx 2.1 1.1.15 9.8(4)29
The firmware version is there.
The device still shows as vulnerable for https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot , although it has the correct firmware version.
SNTC should only show security advisories that apply to the collected devices correct? Perhaps SNTC is expecting the firmware information from another command?
How does SNTC grab the Firmware version? is there a specific command or?
02-08-2023 05:21 AM
Hello,
Hope you are you doing well!
We are looking into the issue you posted and get back to you with an update.
Thanks & Regards,
Vivek Chauhan
02-09-2023 01:01 PM
Hi Jonathan,
Please PM me the following details to check further:
Company name:
User's cco id:
Inventory name:
Serial number and PID of the mentioned device for which you want to see firmware information:
Thanks & Regards,
Vivek Chauhan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide