Yesterday, March 5th, Green Cloud engineers correlated seemingly unrelated network events with a known Cisco ASA vulnerability. These events presented as a brief loss of connectivity while the appliance unexpectedly reloaded. Similar interruptions were reported by other service providers and industry sources throughout the day.
From Cisco's Security Advisory: "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques."
"Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
Green Cloud reminds its partners to upgrade any customer ASAv's if they are on the older, affected firmware. We have two recommended firmware versions: 9.9.2.32 and 9.10.1.7. Note: if you would like to move to the 9.10 firmware track, Cisco requires a memory upgrade if you were previously on a 9.9 or earlier release. This memory upgrade will require coordinating with Green Cloud so we can power down the appliance and add the memory. If you do not coordinate with Green Cloud ahead of upgrading to 9.10.1.7, you may cause your ASAv to become inoperable.
The following links will give you a step-by-step procedure for the upgrade process. The process should not exceed a 30-minute window.
Please use the following URLs for ASAv firmware (only available from within the Green Cloud network, instructions below reflect the requirement that you download the firmware from the ASA itself when using the CLI or from a VM in the Green Cloud environment if using ASDM).
Our Network Operations and Engineering teams have reviewed the Green Cloud infrastructure in response to the recent network events and will be continually testing and applying any necessary updates during scheduled maintenance windows as announced through the Operational Status page (status.grncld.net).
Green Cloud Managed ASAv customers have already been upgraded as part of the normal upgrade cycle and are unaffected by this advisory.
If you have any questions or need any assistance, please contact Partner Support via email at support@gogreencloud.com or 877-465-1217, option 1.
Posted Mar 06, 2019 - 20:41 EST
This incident affected: IaaS (IaaS - Nashville, TN, IaaS - Greenville, SC, IaaS - Houston, TX, IaaS - Atlanta, GA, IaaS - Phoenix, AZ, IaaS - Minneapolis, MN) and Security.