Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco ASA 5505 Possible Vulnerability in Net Tools PKI Server 1.0

Posted on 2011-02-25
2
Medium Priority
?
1,286 Views
Last Modified: 2012-05-11
I am trying to get our Cisco ASA 5505 running version 8.2(1) to pass a PCI compliance check.  I have one remaining issue to fix which is caused by the website on the ASA that allows SSL VPN access.

The message I get from the PCI compliance scan is 444:TCP Possible vulnerability in Net Tools PKI Server.  Contact the vendor for Hotfix 3 for Net Tools PKI Server 1.0.  

Port 444 is where I am running the SSL VPN portal

My question is, is this taken care of in version 8.2.2ED?  That is the only version that shows in my download list in the Upgrade Software from Cisco.com wizard within the asdm.
0
Comment
Question by:Steve Bantz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 200 total points
ID: 34988796
Did you assign a certificate to the ssl web service? Is it a commercial cert or a self-signed cert?
In Device Management / SSL Settings, choose SSL version for the security appliance to negotiate: SSL V3 Only
It's generally the SSL V1 that is the problem with the scanners..
I would go ahead and upgrade from 8.2.1. The latest available is 8.2.4
0
 
LVL 1

Author Comment

by:Steve Bantz
ID: 35000846
It was running a self signed certificate.  I did change it to only accept SSL V3 only and it passed the PCI scan after that.  Thanks.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question