cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
427
Views
2
Helpful
6
Replies

CVE 2024-20481: RA VPN/SSL VPN brute force and DDOS.

SheikhNadeemK
Level 1
Level 1

Hi team, 

I have read up on this particular vulnerability and had a few doubts. 
For ASA software version 9.16(4)200, I cannot seem to find this particular release on the cisco software checker page. Anyways, is 9.16(4)67 a higher or lower release when coming to 9.16(4)200?
Thanks!

 

1 Accepted Solution

Accepted Solutions

@SheikhNadeemK looks like you are running FTD version 7.0.5 (lina is 9.16.4.200)

RobIngram_0-1731346095010.png

7.0.5 is affected with that vulnerability.

RobIngram_1-1731346232082.png

upgrade to 7.0.6.3 (as per the screenshot above) to resolve the vulnerability.

https://software.cisco.com/download/home/286285773/type/286306337/release/7.0.6

 

View solution in original post

6 Replies 6

@SheikhNadeemK are you sure you are using 9.16(4).200? Please run "show version" and provide the output

9.16(4)71 released 09/24/2024 appears to be the latest version of 9.16 https://www.cisco.com/web/software/280775065/163160/ASA-9164-Interim-Release-Notes.html and it is not affected by this vulnerability, nor 9.16.4.67.

RobIngram_0-1731308566523.png

You should upgrade to 9.16.4.67 or 9.16.4.71 to ensure you are not affected by this vulnerability.

 

Dear rob,

Thanks for the insight on this topic. Find below the output of "sh version":

Model : Cisco ASA5508-X Threat Defense (75) Version 7.0.5 (B Build 72)
UUID : e302b28c-6f49-11e9-bb20-c8d9a0fed68e
Rules update version : 2024-11-06-001-vrt
VDB version : 397
----------------------------------------------------

Cisco Adaptive Security Appliance Software Version 9.16(4)200
SSP Operating System Version 2.10(1.1400)

Compiled on Wed 16-Nov-22 18:41 GMT by builders
System image file is "disk0:/os.img"
Config file at boot was "startup-config"

Hardware: ASA5508, 8192 MB RAM, CPU Atom C2000 series 2000 MHz, 1 CPU (8 cores)
Internal ATA Compact Flash, 8000MB
BIOS Flash M25P64 @ 0xfed01000, 16384KB

 

@SheikhNadeemK looks like you are running FTD version 7.0.5 (lina is 9.16.4.200)

RobIngram_0-1731346095010.png

7.0.5 is affected with that vulnerability.

RobIngram_1-1731346232082.png

upgrade to 7.0.6.3 (as per the screenshot above) to resolve the vulnerability.

https://software.cisco.com/download/home/286285773/type/286306337/release/7.0.6

 

Thanks for this Rob! One more query if you don’t mind, how would one go about differentiating whether they’re running ASA software as the main code or FTD software on their ASA FW? Thanks again! 

@SheikhNadeemK from the show version output it states the OS and version.

Model : Cisco ASA5508-X Threat Defense (75) Version 7.0.5 (B Build 72)

Also if the appliance is running ASA or FTD software they are managed differently, the ASA is managed via CLI/ASDM whereas the FTD is managed by the GUI either using FDM or FMC.

Thanks again Rob!