Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Our security team tested vulnerabilities on ASA 5525-X. Somehow they could display the ios version. This is considered a security risk. Is there any command/settings (similar to encrypting a password) that masks displaying the ios version to outsider...
Hi Aydin and Marvin
We could solve the problem by upgrading the ASAs ios version from 9.1(2) to 9.1(6.11). The ios version is no more displayed when trying to access via [ https://153.142.x.x/CSCOSSLC/config-auth ] from outside. It seems it was just ...
Hi Marvin
Thank you for the contribution. It seems it is a bug in the ios ver.9.1(2). Cisco recommended the upgrade to ver.9.1(6.11) or higher. The security team used https://153.142.x.x/CSCOSSLC/config-auth in their vulnerability test, and this res...
Hi Aydin
Thanks for the contact again. They did port scanning using Nmap and Nessus as main diagnostics tools. It is possible to collect information (traps, etc) via snmp or http. The discovered problems could be related to ios ver.9.1(2) vulnerabili...
Hi Aydin
We just got their report and 2 log files. They used a bunch of 10 ip addresses to test vulnerabilities and attack the ASAs (main 5525-X, backup 5520). I checked their logs. All these ip addresses were rejected or (ACL) denied by the ASAs. Ho...
Just a new information received now. They used mainly "Nmap" and "Nessus" as diagnostics tools. With Nmap, it was possible to visualize the ios version according to their claim, caused by current vulnerability (buffer overflow) with ios ver 9.2 (1), ...
