
Cisco ASA Security Hardening

While investigating vulnerabilities, I discovered some vulnerabilities on Cisco FTDs known as "Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability (cisco-sa-20180129-asa1)". I'm looking for any possible solutions or workarounds to address these vulnerabilities.


@michaelgebreegziabher21778 what vulnerabilities do you refer to? You should be able to find the CVE and search for the Cisco Security Advisory https://sec.cloudapps.cisco.com/security/center/publicationListing.x which should tell you the fix, probably upgrading to the latest version.

Marvin Rhoads
Hall of Fame

If you do a simple search (google etc.) you should see one of the first results being this document:

https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20180129-asa1.html

It contains the fixed software versions for both ASA and FTD software. Upgrade to one of those releases (or later) and you will no longer have that vulnerability in your firewall(s).

Thank you for your response. Prior to posting my question to the community, I managed to find the relevant link and discovered that upgrading will resolve my issue. I will proceed with the upgrade, but as it may take some time, I am interested in exploring any alternative workarounds that could be suitable in the meantime.

As noted in the Cisco published document:

"Cisco has released software updates that address this vulnerability. There are no workarounds that address all the features that are affected by this vulnerability."

As long as you have remote access VPN enabled and are running a software release prior to the ones recommended to fix the issue, you are subject to the vulnerability.
