Solved: If you're running a 5500

giuseppe parlato · ‎10-11-2014

Hello,

looking at this advisory: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa, in Software Versions and Fixes table all fixes releases are interim ones while mine is an ED release (9.1.5). Do you think I have to upgrade to the adviced interim release 9.1(5.12) ?

Thanks

Marvin Rhoads · ‎10-11-2014

If you're running a 5500 series and require a fix now then, yes - 9.1(5.12) is the version you should upgrade to.

You could also examine each vulnerability for applicability to your configuration and either decide it is not applicable or critical and/or implement compensating controls outside the ASA itself.

Finally, you could also accept the risk and leave your system unpatched.

View solution in original post

Marvin Rhoads · ‎10-11-2014

If you're running a 5500 series and require a fix now then, yes - 9.1(5.12) is the version you should upgrade to.

You could also examine each vulnerability for applicability to your configuration and either decide it is not applicable or critical and/or implement compensating controls outside the ASA itself.

Finally, you could also accept the risk and leave your system unpatched.

Multiple Vulnerabilities in Cisco ASA Software - Adivisory ID