cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
954
Views
60
Helpful
17
Replies

Many vulnerabilities found in Cisco ASAs. Is it a safe VPN solution?

Hello.

As can be seen in the following link Cisco Adaptive Security Appliance Software : List of security vulnerabilities (cvedetails.com)   ,there seems to exist many Cisco ASA vulnerability issues. My boss has asked me to report to him on whether our Cisco ASA 5525 and 1100 appliances are acceptable firewall solutions for our financial enterprise, or should we scrap these ASAs.

May you please advise?

Thank you.

17 Replies 17

Thank you all for your responses! the command "#show module sfr" does show a mac address, but nothing else, so I guess it's purchased but dormant.

One last question...

It seems from the 1st link Cisco Adaptive Security Appliance Software : List of security vulnerabilities (cvedetails.com)

that the ASDM has too many significant vulnerabilities to use. Does the Firepower module patch most of these vulnerabilities?

@jmaxwellUSAF no, the firepower module is separate software image with its own vulnerabilites. This is an optional feature on the ASA, that relies on the ASA software and ASDM to manage the firepower module. So the underlying ASA, ASDM vulnerabilities apply.

FYI, the FTD image as mentioned previously is the new NGFW image this is separate to the ASA and firepower modules. The FTD image uses ASA software (lina) and the firepower features and more combined.

ASA - means its ASA code, it's not firepower code.

ASA  X model does have SFR module, which can add IPS features if you looking to deploy one.

#show module give you information

But ASA code of development Limited. and as I mentioned earlier post, its going to end of life soon.

since you mentioned to looking for up[grade - so suggest to move to FTD or firepower or cisco secure firewall (cisco confuses with many terms here) 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: