Solved: Hi Mahesh,Upgrading to an

mahesh18 · ‎10-30-2014

Hi Everyone,

ASA is configured with ikev2 and below is config

5520# show running-config crypto ikev2 | include enable

crypto ikev2 enable outside client-services port 443

5520# show running-config crypto map | include interface

crypto map outside_map interface outside

I checked below weblink

CSCum96401 - Cisco ASA IKEv2 Denial of Service Vulnerability

Not Affected

8.4(7.15)

Not Affected

8.6(1.14)

Not Affected

9.0(4.8)

9.1(5.1)

Not Affected

https://tools.cisco.com/bugsearch/bug/CSCum96401

ASA which i am running has version Cisco Adaptive Security Appliance Software Version 8.4(7)

sh flash shows

asa847-k8.bin

Need to confirm if my ASA is not effected by this bug?

Regards

MAhesh

Prashant Joshi · ‎10-30-2014

Hi Mahesh,

Your ASA code (asa847-k8.bin) is affected by this Bug, recommended release is 8.4(7.23) and later.

this bug is first fixed in 8.4(7.15).

Thanks,

Prashant Joshi

View solution in original post

Marvin Rhoads · ‎11-02-2014

Hi Mahesh,

Upgrading to an interim maintenance release from within the same minor release will not change any configuration (other than the boot image name, that is).

View solution in original post

Prashant Joshi · ‎10-30-2014

Hi Mahesh,

Your ASA code (asa847-k8.bin) is affected by this Bug, recommended release is 8.4(7.23) and later.

this bug is first fixed in 8.4(7.15).

Thanks,

Prashant Joshi

mahesh18 · ‎11-02-2014

Hi Prashant,

If i upgrade the ASA code to 8.4(7.23) need to know if it will change any config like

ACL,Natting etc?

Regards

MAhesh

Marvin Rhoads · ‎11-02-2014

Hi Mahesh,

Upgrading to an interim maintenance release from within the same minor release will not change any configuration (other than the boot image name, that is).

mahesh18 · ‎11-02-2014

Many thanks Marvin.

Regards

MAhesh