cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
1243
Views
0
Helpful
5
Replies

Cisco ASA5510 + XSS vulnerability - BugID CSCun19025

Hello All --

Currently we have a allot of Cisco ASA5510 in production configured as remote access SSL VPN end points running software version 9.1.5, current latest release for this device.

During our latest audit we found a vulnerability identified by CISCO as CSCun19025, according to the document listed below this should be resolved in version 9.1.5(3), I cant find this software version on the support portal ?

The problem is resolved in 9.2.1, but this software release is unsupported on the Cisco ASA5510.

Any ideas how to resolve this vulnerability ?

Document sources :

https://tools.cisco.com/bugsearch/bug/CSCun19025

https://www3.trustwave.com/spiderlabs/advisories/TWSL2014-008.txt

Thank you

Jacques de Jager

South Africa

5 Replies 5

You need to look for the interim-releases:

Download -> All Releases -> Interim -> 9 -> 9.1.5 Interim

Hello Karsten --

Thank you for the reply, my apology for the late reply :

I applied the interim release and it doesn't seem to resolve the vulnerability when I perform a scan - but if I look at the Security Release notes it clearly specify the image resolve the problem.

Any comment --

   fw-office01# show version

   Cisco Adaptive Security Appliance Software Version 9.1(5)12
   Device Manager Version 7.2(1)

   Compiled on Wed 20-Aug-14 09:14 by builders
   System image file is "disk0:/asa915-12-k8.bin"

 

Thanks!

 

 

Probably it's best to open a case for that.

Hello Karsten --

I can confirm that problem is resolved, did IVS scan now and all clear :)!!!

Thanks for reply!!

 

 

So what did you do to fix it?