Guest

Preview Tool

Cisco Bug: CSCvv93486 - TLS versions not updated with SMA upgrades to 13.6.x

Last Modified

Oct 12, 2020

Products (1)

  • Cisco IronPort Security Management Appliance Software

Known Affected Releases

13.6.2-019

Description (partial)

Symptom:
After the ESA has been upgraded to 13.5.x version, it is documented that the tlsv1.0 would be disabled by default.
With SMA's that originally with tls1.0 in the config, as the device is upgraded, it should have updated the tls versions. But that does not happen. This is seen only for customer who originally have tls1.0 in their config.

Because of this we see TLS failures for PVO due to mismatch in tls versions.

Conditions:
SMA with tls1.0 in initial config
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.