Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
567
Views
0
Helpful
1
Replies

WSA - Ghostscript

Jens.Wall1
Level 1
Level 1

‎07-18-2023 01:41 AM - edited ‎07-18-2023 01:43 AM

Hello, we are using the Web Security S395 with ASyncOS 14.5. Currently, there is CVE-2023-36664. (CVE-2023-36664 (debian.org))

Does our Web Security utilize Ghostscript? Unfortunately, I couldn't find any reference to Ghostscript in the documentation for the open source programs, nor any indication of another PDF creator. (Open Source Used In AsyncOS 14.5 for Cisco Secure Web Appliance)

Best regards, Jens

Labels:
0 Helpful
1 Reply 1

amojarra
Cisco Employee
Cisco Employee

‎07-21-2023 02:10 PM

Hi @Jens.Wall1 

 

I can see : Cisco Content Security Management Appliance (SMA) / Cisco Content Security Management Appliance / 14.1.0-227 & 14.1.0-223 & 14.2.0-212  are not impacted by CVE-2023-36664.

For SMA's other versions and WSA's or ESA's there were no record, I did requested for vulnerability check, but it is best to open a support case with TALOS team, they will check this for you, for sure. 

 

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++   If you find this answer helpful, please rate it as such  ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++

 

Regards,
Amirhossein Mojarrad
+++++++++++++++++++++++++++++++++++++++++++++++++++
++++ If you find this answer helpful, please rate it as such ++++
+++++++++++++++++++++++++++++++++++++++++++++++++++
0 Helpful
Customers Also Viewed These Support Documents