Guest

Preview Tool

Cisco Bug: CSCur20461 - ASA Threat detection adds Shun entry for attacker based on routing table

Last Modified

Apr 16, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

8.4(7) 9.1(5)

Description (partial)

Symptom:
ASA Threat detection unable to shun an attacker even though the shun entry exists

Conditions:
1) Threat detection scanning threat is configured with shun functionality(threat-detection scanning-threat shun) 
2) The ingress interface for triggering traffic is different from the interface based on  the route lookup of the trigger source IP
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.