Products Affected |
Comments |
---|---|
PDM |
PIX Device Manager 3.0(1), 3.0(2), 4.0(1), 4.1(1) |
IDM |
IDS Device Manager 5.0(1) |
PIX Device Manager (PDM) versions 3.0(1) , 3.0(2), 4.0(1), and 4.1(1), and IDS Device Manager (IDM) version 5.0(1), are incompatible with Java Plug-in versions 1.4.2_08 and 1.5.0_02 or later. If these Java Plug-ins are used in conjunction with the impacted PDM or IDM releases, the application will not load.
Changes made in the Java Plug-in 1.4.2_08 and 1.5.0_02 break the existing code loading functionality in PDM and IDM.
Impacted PDM and IDM versions will not load when launched from a browser using Java Plug-in 1.4.2_08 or 1.5.0_02 or later. If you bring up the Java console, there will be a java.security.AccessControlException error:
Requesting URL: https://my.firewall.name/jploader.jar java.security.AccessControlException: access denied (java.util.PropertyPermission java.version read) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPropertyAccess(Unknown Source) at java.lang.System.getProperty(Unknown Source) at com.cisco.pdm.e.c.q(Unknown Source) at com.cisco.pdm.e.c.h(Unknown Source) at com.cisco.pdm.a.byte(Unknown Source) at com.cisco.pdm.PDMApplet.start(Unknown Source) at com.cisco.nm.util.sgz.Env.start(Env.java:37) at com.cisco.nm.util.sgz.Loader.start(Loader.java:109) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
The latest maintenance releases PDM 3.0(3) and later, PDM 4.1(2) and later, and IDM 5.0(2) and later resolve this issue.
Version 3.x PDM software can be found at the Cisco PIX Security Appliance Software Download (registered customers only) page.
Version 4.x PDM software which manages FWSM version 2.x can be found at the Cisco Catalyst 6000 FireWall Service Module 3DES Software (registered customers only) page.
IDS sensor images with built-in IDM can be found at the following links:
Appliances (registered customers only)
ASA-AIP-SSM (registered customers only)
NM-CIDS (registered customers only)
IDSM2 (registered customers only)
PDM versions 3.0(1), 3.0(2), 4.0(1), 4.1(1), and IDM version 5.0(1) are impacted by this issue and will not load properly when used in conjunction with Java Plug-In versions 1.4.2_08 and 1.5.0_02 or later. Customers running these versions of PDM or IDM should either uninstall the newer Java Plug-Ins and re-install previous versions of the Java Plug-In, or upgrade their PDM and IDM images to the versions indicated in the following table.
Impacted Version |
Upgrade Version |
---|---|
PDM 3.0(1), PDM 3.0(2) |
PDM 3.0(3) and later |
PDM 4.0(1), PDM 4.1(1) |
PDM 4.1(2) and later |
IDM 5.0(1) |
IDM 5.0(2) and later |
PDM versions 1.0 through 2.1 only support the native Internet Explorer and Netscape Java virtual machines and do not support the Java Plug-In. Customers using these versions of PDM should refer to the appropriate release notes to find supported browser versions.
IDM versions 3.1 through 4.1 do not utilize Java and are purely HTML-based. They are not affected by this issue.
Adaptive Security Device Manager (ASDM) versions 5.0(1) and later are not impacted by this issue and operate normally when used in conjunction with the Java Plug-In versions 1.4.2_08 and 1.5.0_02.
To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.
DDTS |
Description |
---|---|
CSCeh50967 (registered customers only) |
PDM 3.0 does not run with Java 1.5.0_02 and 1.4.2_08 |
CSCeh45853 (registered customers only) |
PDM 4.1 does not run with Java 1.5.0_02 and 1.4.2_08 |
CSCeh39422 (registered customers only) |
IDM 5.0(1) does not load with latest Sun JRE plugin 1.5.0 Update 2 |
Revision |
Date |
Comment |
---|---|---|
1.3 |
16-NOV-2006 |
Added URLs to Workaround/Solution section |
1.2 |
04-AUG-2006 |
Added 4.x software link, added wording to denote later versions of software |
1.1 |
06-JUN-2006 |
Added software download URLs to Workaround/Solution section, updated title format |
1.0 |
16-MAY-2005 |
Initial Public Release |
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.