Forum Discussion
Ransomware Groups Reportedly Exploiting Zero-Day in Cisco...
I believe this CVE now has patches, at least for some supported devices:
Example 9.12.4.62 was released to address this issue and is not affected:
However, scans still do not recognize the update and mark a patched ASA as critically vulnerable. Can the plugins be updated? Thanks.
Hello again @Dustin Robbins ,
I believe a new plugin was released today for this advisory:
https://www.tenable.com/plugins/nessus/182523
Thank you again for bringing this to my attention. Please let me know if you have any further questions.
Regards,
Satnam
Thanks. It appears there may be a false negative in the current plugin when it comes showing the vulnerability on a firewall that is sitting on the initial release of ASA 9.12.4. (e.i., just "9.12(4)" with no minor release number at the end: 9.12(4)x)
Hi @Dustin Robbins ,
Thank you for bringing this to my attention. I have asked a few of my colleagues here and because of the issue you're having, it's recommended that you open a support case so they can look into this specific issue. With the support case, please provide a scan DB with plugin debugging enabled: https://community.tenable.com/s/article/How-to-enable-Plugin-Debugging-and-Audit-Trails-for-Support?language=en_US
Thank you.