Cisco Email Security Appliance C190 Release Note

Release Notes for the June 25, 2015 SSH Vulnerability Patch for Cisco Content Security Virtual Appliances
 
You can view some details by clicking the link to view bug information in the Cisco Bug Search Tool. 
Installation Instructions 
Before Installation 
Before installing the patch, perform any pre-upgrade tasks that are documented in the release notes and 
online help or user guide for your release(s). 
The appliance will prompt you to reboot after installing the patch. This reboot is required. 
This patch should take only a few minutes to install. 
If you are updating a Security Management appliance: 
You will need appropriate credentials for managed appliances in order to re-establish connection to 
those appliances after installation. 
If you use centralized configuration management for Web Security appliances, you will need to 
reassign the configuration master to each appliance after installing the patch. Suggestion: Before 
you install the patch, take a screen shot of the list on the Web > Utilities > Configuration Masters > 
Edit Appliance Assignment List page. 
Installing the Patch 
Instructions: 
You must use the command-line interface (CLI) to install this patch. Do NOT use the web interface 
to install this patch, even if you see this patch among the upgrade options. 
Use the upgrade command and select cisco-sa-20150625-ironport SSH Keys Vulnerability Fix.
For email and management appliances (ESA and SMA), if downloadinstall is available as an upgrade option on your release, you MUST use it. The download option does not work for this patch.
If you are installing the patch on SMA 8.4.0-150, see required actions at 
Bug Description
Virtual ESA not generating new SSH HostKey post deployment
Virtual ESA: preinstalled keys allow remote root access without customer’s consent 
Virtual WSA not generating new SSH HostKey post deployment 
Virtual WSA: preinstalled keys allow remote root access without customer’s consent
Virtual SMA not generating new SSH HostKey post deployment
Virtual SMA: preinstalled keys allow remote root access without customer’s consent