Cisco scores yet another 10/10 for security vulnerability on firewalls. This includes new and old firewalls. “It now affects 15 products that run ASA software, including a wide range of Firepower Security Appliance versions, ASA 5500-X Series Next-Generation Firewalls and ASA 5500 Series Adaptive Security Appliances.”
Its like no one actually tests these products and Cisco waiting for customers to report security vulnerabilities in addition to bugs. Plus Cisco is being criticised for not handling this in a timely manner.
Cisco has come under fire for its handling of the situation. Sysadmin Colin Edwards, who blogs frequently on network and security issues, said far too much time had passed–80 days, by his measure–between when Cisco released its first patches for the vulnerability and when it published the security advisory.
Why bother with IT Security ?
Cisco Issues New Patches for Critical Firewall Software Vulnerability | Threatpost | The first stop for security news : https://threatpost.com/cisco-issues-new-patches-for-critical-firewall-software-vulnerability/129793/