Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability – Appliance Crash
February 8, 2020
Recently, I had couple of my ASAv’s to crash unexpectedly. Turns out its related to the bug CSCvi16029.
If you getting similar behavior where your appliances are rebooting for no reason, I would definitely check out this bug. More read can be found on Cisco Advisory Page.
Effected revisions as follow (as of post date):
Cisco ASA
| Cisco ASA Software Release | First Fixed Release for This Vulnerability |
|---|---|
| Prior to 9.11 | Migrate to 9.1.7.29 |
| 9.1 | 9.1.7.29 |
| 9.2 | 9.2.4.33 |
| 9.31 | Migrate to 9.4.4.18 |
| 9.4 | 9.4.4.18 |
| 9.51 | Migrate to 9.6.4.8 |
| 9.6 | 9.6.4.8 |
| 9.7 | 9.7.1.24 |
| 9.8 | 9.8.2.28 |
| 9.9 | 9.9.2.1 |
Cisco FTD
| Cisco FTD Software Release | First Fixed Release for This Vulnerability |
|---|---|
| 6.0 | Migrate to 6.1.0 HotFix or later |
| 6.0.1 | Migrate to 6.1.0 HotFix or later |
| 6.1.0 | Cisco_FTD_Hotfix_EI-6.1.0.7-2.sh (all FTD hardware platforms except 41xx and 9300) Cisco_FTD_SSP_Hotfix_EI-6.1.0.7-2.sh (41xx and 9300 FTD hardware platforms) |
| 6.2.0 | Not vulnerable |
| 6.2.1 | Migrate to 6.2.2.3 |
| 6.2.2 | 6.2.2.3 |
| 6.2.3 | 6.2.3.1 6.2.3-851 6.2.3-85.02 |
Good luck!
Bart
About The Author
Bart Dworzanczyk
Bart is passionate about new technologies and their impact on our lives. He does not believe in titles or amount of certifications but positive attitude and motivation. Simply the guy that make things happen. You can reach him via Linkedin or meet him on CSGO. Currently focusing on architecting and designing custom-build hybrid cloud solutions around IaaS, DRaaS, BaaS realm.