04-25-2014 03:56 PM - edited 03-11-2019 09:07 PM
I have a TAC case opened because the release notes for 9.2(1) state that OpenSSL has been upgraded to 1.0.1e. The release notes for ASDM 7.2(1) state the same. So far the TAC engineer could not rule out that 9.2(1) indeed does have a vulnerable release of OpenSSL in it. I will update this thread when TAC has confirmed or denied that 9.2(1) is vulnerable to Heartbleed.
04-25-2014 05:43 PM
Hello Ian Brown,
The ASA 9.2.1 is not vulnerable:
OpenSSL upgrade
The version of OpenSSL on the ASA will be updated to version 1.0.1e.
Note: We disabled the heartbeat option, so the ASA is not vulnerable to the Heartbleed Bug.
We did not introduce or modify any commands.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/release/notes/asarn92.html
I hope you find this information helpful.
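One way to check the "heartbeat option disabled" claim from the outside is to look at whether the ServerHello echoes the heartbeat extension (type 15, RFC 6520) when the client offers it. The following is an added example, not part of the original thread or Cisco's code; the ServerHello bytes are constructed samples and the function names are hypothetical.

```python
import struct

HEARTBEAT_EXT = 15  # heartbeat extension type (RFC 6520)

def server_hello_extensions(record: bytes) -> dict:
    """Map extension type -> data for one TLS record that starts with a ServerHello."""
    if len(record) < 5:
        raise ValueError("short TLS record header")
    ctype, _version, rlen = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rlen]
    if ctype != 0x16 or len(body) != rlen or rlen < 4 or body[0] != 0x02:
        raise ValueError("not a complete ServerHello record")
    hlen = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hlen]
    if len(hello) != hlen or hlen < 38:
        raise ValueError("malformed ServerHello")
    # Skip version(2) + random(32) + session_id + cipher_suite(2) + compression(1).
    pos = 34 + 1 + hello[34] + 3
    if pos == len(hello):
        return {}  # no extensions block: nothing was negotiated
    if pos + 2 > len(hello):
        raise ValueError("malformed ServerHello")
    end = pos + 2 + int.from_bytes(hello[pos:pos + 2], "big")
    pos += 2
    if end > len(hello):
        raise ValueError("extensions overrun ServerHello")
    exts = {}
    while pos < end:
        if pos + 4 > end:
            raise ValueError("truncated extension header")
        etype, elen = struct.unpack("!HH", hello[pos:pos + 4])
        pos += 4
        if pos + elen > end:
            raise ValueError("truncated extension body")
        exts[etype] = hello[pos:pos + elen]
        pos += elen
    return exts

def advertises_heartbeat(record: bytes) -> bool:
    return HEARTBEAT_EXT in server_hello_extensions(record)

def build_server_hello(extensions) -> bytes:
    """Constructed sample data: a TLS 1.2 ServerHello with the given extensions."""
    ext = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    hello = b"\x03\x03" + bytes(32) + b"\x00" + b"\xc0\x2f" + b"\x00"
    hello += struct.pack("!H", len(ext)) + ext if extensions else b""
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs

WITH_HB = build_server_hello([(0xFF01, b"\x00"), (HEARTBEAT_EXT, b"\x01")])
WITHOUT_HB = build_server_hello([(0xFF01, b"\x00")])
```

A server only echoes an extension the client offered, so the result is meaningful only when the ClientHello that produced the record included the heartbeat extension.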
04-25-2014 06:32 PM
Earlier the Release Notes didn't have that note of:
Note: We disabled the heartbeat option, so the ASA is not vulnerable to the Heartbleed Bug.
I have the original PDF that was on Cisco.com earlier which lacked the note about heartbeat being disabled.
04-25-2014 10:22 PM
But now thanks to Jose Orozco you have the information :) so problem fixed
04-26-2014 06:12 AM
I agree. A double VIP endorsement to Jose. :)