topic Re: Cisco ASA Security Hardening in Network Security

Cisco ASA Security Hardening

michaelgebreegziabher21778 — Fri, 31 May 2024 10:45:58 GMT

While investigating vulnerabilities, I discovered some vulnerabilities on Cisco FTD's known as "Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability (cisco-sa-20180129-asa1)". I'm looking for any possible solutions or workarounds to address these vulnerabilities.

Re: Cisco ASA Security Hardening

MHM Cisco World — Fri, 31 May 2024 11:10:10 GMT

https://www.cisco.com/c/dam/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/200150-Hardening-Cisco-ASA-Firewall.pdf

check this

MHM

Re: Cisco ASA Security Hardening

Rob Ingram — Fri, 31 May 2024 11:36:40 GMT

@michaelgebreegziabher21778 what vulnerabilites do you refer to? You should be able find the CVE and search for the Cisco Security Advisory https://sec.cloudapps.cisco.com/security/center/publicationListing.x which should tell you the fix, probably upgtading to the latest version.

Re: Cisco ASA Security Hardening

Marvin Rhoads — Fri, 31 May 2024 13:08:18 GMT

If you do a simple search (google etc.) you should see one of the first results being this document:

https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20180129-asa1.html

If contains the fixed software versions for both ASA and FTD software. Upgrade to one of those releases (or later) and you will no longer have that vulnerability in your firewall(s).

Re: Cisco ASA Security Hardening

michaelgebreegziabher21778 — Fri, 31 May 2024 13:19:43 GMT

Thank you for your response. Prior to posting my question to the community, I managed to find the relevant link and discovered that upgrading will resolve my issue. I will proceed with the upgrade, but as it may take some time, I am interested in exploring any alternative workarounds that could be suitable in the meantime

Re: Cisco ASA Security Hardening

Marvin Rhoads — Fri, 31 May 2024 13:30:04 GMT

As noted in the Cisco published document:

"Cisco has released software updates that address this vulnerability. There are no workarounds that address all the features that are affected by this vulnerability."

As long as you have remote access VPN enabled and are running a software release prior to the ones recommended to fix the issue, you are subject to the vulnerability.