Cisco Support Community

Cisco ASA5510 + XSS vulnerability - BugID CSCun19025

Hello All --

Currently we have a lot of Cisco ASA5510s in production, configured as remote access SSL VPN endpoints running software version 9.1.5, the current latest release for this device.

During our latest audit we found a vulnerability identified by Cisco as CSCun19025. According to the document listed below, this should be resolved in version 9.1.5(3), but I can't find this software version on the support portal?

The problem is resolved in 9.2.1, but this software release is unsupported on the Cisco ASA5510.

Any ideas how to resolve this vulnerability?

Document sources:

https://tools.cisco.com/bugsearch/bug/CSCun19025

https://www3.trustwave.com/spiderlabs/advisories/TWSL2014-008.txt

Thank you

Jacques de Jager

South Africa

5 REPLIES
VIP Purple

You need to look for the interim-releases:

Download -> All Releases -> Interim -> 9 -> 9.1.5 Interim


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni

Hello Karsten --

Thank you for the reply, and my apologies for the late reply:

I applied the interim release and it doesn't seem to resolve the vulnerability when I perform a scan, but if I look at the Security Release notes, they clearly specify that the image resolves the problem.

Any comment --

   fw-office01# show version

   Cisco Adaptive Security Appliance Software Version 9.1(5)12
   Device Manager Version 7.2(1)

   Compiled on Wed 20-Aug-14 09:14 by builders
   System image file is "disk0:/asa915-12-k8.bin"

 

Thanks!

 

 

VIP Purple

Probably it's best to open a case for that.



Hello Karsten --

I can confirm that the problem is resolved; did an IVS scan now and all clear :)!!!

Thanks for the reply!!

 

 

New Member

So what did you do to fix it?
