Administrators are advised to apply the appropriate updates.
Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.
Administrators are advised to monitor critical systems.
If customers have been impacted by this vulnerability on a Cisco
ASA CX device and user traffic has been interrupted, administrators may consider removing the Modular Policy Framework (MPF)
configuration on the Cisco ASA that directs user traffic to the ASA CX module. Removing the MPF configuration will cause user traffic to bypass the ASA CX module and flow though the Cisco ASA, restoring user service.
The Cisco Applied Intelligence team has created the following companion
document to guide administrators in identifying and mitigating attempts
to exploit this vulnerability prior to applying updated software: Identifying and Mitigating Exploitation of the Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability