Enabling unicast reverse path forwarding ASA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2021 10:11 AM
I am getting this message when using the Cisco CLI Analyzer on my ASA5505.
Cisco ASA Unicast Reverse Path Forwarding (uRPF) Bypass Vulnerability- CSCuv60724.
Should I remove these commands on the outside interface?
What about inside?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2021 10:18 AM
The bug says "This problem was introduced by ASA software version 9.3(3)". With the ASA 5505, the last version was 9.1.x, so this issue is unlikely to affect the version you are running.
Regardless, the ASA 5505 hardware is EOL, and the software has not been updated for several years, you are likely open to a considerable amount of bugs. Ideally you'd replace the hardware to a newer model such as the FPR-1010.
HTH
