03-21-2017 08:49 AM - edited 03-20-2019 09:18 PM
Hi Guys,
We recently had an auditor flag our ASA for the ASA BGP Bidirectional Forwarding Detection ACL Bypass Vulnerability (CSCvc68229).
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc68229
My question is, if we are not actively running BGP on the ASA are we still vulnerable?
Thanks,
Scott
03-21-2017 09:37 AM
If you are not running BGP then I would say you are not vulnerable.
04-18-2019 01:45 AM
"Conditions:
The issue affects ASA software version 9.6(2) and later. No specific configuration is required."
I don't think it matters if BGP is configured or not.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide