Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

CSCuj31717 - IPS Vulnerability to CVE-2010-5107 - OpenSSH

Hello,

We have found our ACS 1121 appliances running 5.4 ACS code are vulnerable to

CVE-2004-1653

CVE-2010-5107

Our information suggests the appliances are using Openssh 5.3 and these vulnerabilities have been fixed it Openssh 6.2 or newer versions.

What is the timeline for udatding openssh on the ACS 1121 appliance? I have checked the bug database and see no current fixes have been published.

We also use Cisco IPS modules in redundant Cisoc 5525X firewalls. These also appear to be vunerable.

I would like to know firmware roadmap to fix these vulnerabilities.

What remediations or workarounds does Cisco recommend in lieue of a oppenssh upgrade/patch/fix?

Regards,

Scott Robertson

1 REPLY
Cisco Employee

CSCuj31717 - IPS Vulnerability to CVE-2010-5107 - OpenSSH

Hi Scott,

For the ACS, bug CSCuj27463 is filed (and fixed) to address CVE-2010-5107.

For timelines on releases, please open a TAC case and reference the bugs.

Sincerely,

David.

465
Views
0
Helpful
1
Replies
CreatePlease to create content