09-28-2015 02:05 AM
Hi
customer is running WSA 8.8.0-085. In the available upgrades web pages it is shown the file "cisco-sa-20150625-ironport SSH Keys Vulnerability Fix". When trying to apply it , both from web pages and from CLI, as suggested by RN, it shows the patch as already applied:
Checking if 'Cisco-Ironport SSH Keys Vulnerability' patch is required
'Cisco-Ironport SSH Keys Vulnerability' patch is already applied
Upgrade installation finished.
I think reason should be WSA was upgraded after June 25 to a release already including this patch.
Question:
- How can I be sure SSH keys are ok?
- Why patch remain in the available upgrades? Can I delete it?
Thanks in advance
Solved! Go to Solution.
09-28-2015 07:04 AM
Good Morning
Thanks for reaching out, Here is the link that provide details around this:
https://supportforums.cisco.com/blog/12543046/multiple-default-ssh-keys-vulnerabilities-cisco-virtual-wsa-esa-and-sma
and as for "Why patch remain in the available upgrades? Can I delete it?"
This patch will be removed once you upgrade to version 9.0.x and at this time can not be "de-provisioned"
Regards,
Zack
09-28-2015 07:04 AM
Good Morning
Thanks for reaching out, Here is the link that provide details around this:
https://supportforums.cisco.com/blog/12543046/multiple-default-ssh-keys-vulnerabilities-cisco-virtual-wsa-esa-and-sma
and as for "Why patch remain in the available upgrades? Can I delete it?"
This patch will be removed once you upgrade to version 9.0.x and at this time can not be "de-provisioned"
Regards,
Zack
09-29-2015 01:22 AM
Hi Zack
thanks for answer. I understand patch is not necessary.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide