Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
974
Views
2
Helpful
2
Replies

recent vulnerability check CVE-2024-20359/CVE-2024-20353

Go to solution
AirSail
Level 1
Level 1

‎05-14-2024 02:42 PM

folks 

I have a contextual Cisco Firepower with ASA 9.12.4 and a lot of IPSEC VPNs 

don't want to move 9.16... as of now as I have to coordinate with many customers to fix VPNs, 

I've noticed there is a patch released in Cisco website on 9.12 version for the CVEs above, which is the "9.12.4.67" 

the "9.12.4.67" is the fix the above CVEs?  any impact on the contextual firewall?

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
tvotna
Spotlight
Spotlight

‎05-14-2024 11:57 PM

Yes, CVE-2024-20359 was fixed by CSCwi98284 commit and CVE-2024-20353 by CSCwj10955. Both fixes were integrated into 9.12.4.67: https://www.cisco.com/web/software/280775065/152946/ASA-9124-Interim-Release-Notes.html
Upgrade within same major/minor version should be safe.

 

View solution in original post

2 Replies 2

Go to solution
tvotna
Spotlight
Spotlight

‎05-14-2024 11:57 PM

Yes, CVE-2024-20359 was fixed by CSCwi98284 commit and CVE-2024-20353 by CSCwj10955. Both fixes were integrated into 9.12.4.67: https://www.cisco.com/web/software/280775065/152946/ASA-9124-Interim-Release-Notes.html
Upgrade within same major/minor version should be safe.

 

Go to solution
AirSail
Level 1
Level 1

‎05-17-2024 01:52 AM

Thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card