×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

CSCuj31717 - IPS Vulnerability to CVE-2010-5107 - OpenSSH

Unanswered Question
Dec 3rd, 2013
User Badges:

Hello,


We have found our ACS 1121 appliances running 5.4 ACS code are vulnerable to


CVE-2004-1653

CVE-2010-5107


Our information suggests the appliances are using Openssh 5.3 and these vulnerabilities have been fixed it Openssh 6.2 or newer versions.


What is the timeline for udatding openssh on the ACS 1121 appliance? I have checked the bug database and see no current fixes have been published.


We also use Cisco IPS modules in redundant Cisoc 5525X firewalls. These also appear to be vunerable.


I would like to know firmware roadmap to fix these vulnerabilities.


What remediations or workarounds does Cisco recommend in lieue of a oppenssh upgrade/patch/fix?




Regards,


Scott Robertson

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
David White Tue, 12/03/2013 - 13:43
User Badges:
  • Cisco Employee,

Hi Scott,


For the ACS, bug CSCuj27463 is filed (and fixed) to address CVE-2010-5107.


For timelines on releases, please open a TAC case and reference the bugs.


Sincerely,


David.

Actions

This Discussion