Cisco issues urgent reboot warning for bug in ASA and Firepower appliances
Cisco has issued an urgent request to customers running specific software releases on their Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances to reboot their devices to keep them from hanging and ceasing to pass traffic.
Cisco said its ASA and FTD devices are affected by a “functional software defect that will cause the device to stop passing traffic after 213 days of uptime” and that the issue is a result of a software regression bug introduced when addressing Cisco bug ID CSCva03607.
The current problem is limited to device operability and it is not a vulnerability, nor is there continued exposure to the vulnerability that was already addressed. This issue cannot be triggered by a threat actor, Cisco wrote in a blog outlining the problem.
Included in the reboot warning are software releases for Firepower 18.104.22.168, 22.214.171.124 and 6.2.0 s and about 30 versions of ASA software starting with version 126.96.36.199 to 188.8.131.52. A complete list is available in the Cisco Field Notice.
Cisco defines the ASA as a security device that combines firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities. It provides proactive threat defense that stops attacks before they spread through the network. Cisco Firepower Threat Defense (FTD) appliances are next generation firewalls with myriad security features.
“For customers with failover configurations, it is recommended to reboot the standby devices first, make them active after they complete booting, and then reboot the formerly active devices. Customers with clustering configurations should remove one slave at a time from the cluster, reboot them, and rejoin them until each slave has been rebooted. Then, move the master to one of the rebooted devices and then remove that device from the cluster, reboot it, and then have it rejoin,” Cisco stated. “The reboot of the security appliance must be performed prior to 213 days 12 hours of uptime. After the reboot, the security appliance avoids an encounter with this issue for another 213 days 12 hours.”
Updated software that addresses this issue will be published in the coming weeks, the company said.
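A triage check for the 213 days 12 hours deadline quoted above, as an added example that is not from Cisco or the original article. It assumes uptime lines of the form `<hostname> up 200 days 3 hours` collected from each appliance; the hostnames and sample lines are constructed.

```python
import re
from datetime import timedelta

# Deadline quoted from Cisco on this page: reboot before 213 days 12 hours of uptime.
DEADLINE = timedelta(days=213, hours=12)

# Assumption: each uptime line reads "<hostname> up <N unit> [<N unit> ...]".
UPTIME_RE = re.compile(r"^(?P<host>\S+) up (?P<rest>.+)$")
UNIT_RE = re.compile(r"(\d+)\s+(year|day|hour|min|sec)s?\b")
# Assumption: a "year" in the uptime string is counted as 365 days.
UNIT_SECONDS = {"year": 365 * 86400, "day": 86400, "hour": 3600, "min": 60, "sec": 1}

def parse_uptime(line):
    """Return (host, uptime) for an uptime line, or None for any other line."""
    m = UPTIME_RE.match(line.strip())
    if not m:
        return None
    parts = UNIT_RE.findall(m.group("rest"))
    if not parts:
        return None
    seconds = sum(int(n) * UNIT_SECONDS[unit] for n, unit in parts)
    return m.group("host"), timedelta(seconds=seconds)

def triage(lines, warn_margin=timedelta(days=30)):
    """Return (host, status, remaining) tuples, least time remaining first."""
    rows = []
    for line in lines:
        parsed = parse_uptime(line)
        if parsed is None:
            continue  # skip lines that are not uptime lines
        host, uptime = parsed
        remaining = DEADLINE - uptime
        if remaining <= timedelta(0):
            status = "PAST_DEADLINE"
        elif remaining <= warn_margin:
            status = "REBOOT_SOON"
        else:
            status = "OK"
        rows.append((host, status, remaining))
    return sorted(rows, key=lambda row: row[2])

# Constructed sample input, not captured from real devices.
SAMPLE = ["fw-edge-01 up 200 days 3 hours", "fw-edge-02 up 213 days 13 hours",
          "fw-dc-01 up 12 days 1 hour", "fw-lab-01 up 1 year 2 days",
          "Hardware:   ASA5525"]

if __name__ == "__main__":
    for host, status, remaining in triage(SAMPLE):
        print(f"{host:12} {status:14} remaining={remaining}")
```

For failover pairs and clusters, apply the reboot order Cisco gives above rather than rebooting flagged devices in the order this list prints them.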