BDU:2024-04644

Опубликовано: 22 мая 2024

Источник: fstec

CVSS3: 5

CVSS2: 4

EPSS Низкий

Описание

Уязвимость реализации модуля единого входа в приложения (SAML) для служб удаленного доступа VPN микропрограммного обеспечения межсетевых экранов Cisco Adaptive Security Appliance (ASA) и Cisco Firepower Threat Defense (FTD) связана с отсутствием процедуры авторизации. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, установить сеанс VPN на уязвимом устройстве

Вендор

Cisco Systems Inc.

Наименование ПО

Firepower Threat Defense

Adaptive Security Appliance

Версия ПО

6.2.3 (Firepower Threat Defense)

6.4.0 (Firepower Threat Defense)

6.2.3.16 (Firepower Threat Defense)

9.8.4.22 (Adaptive Security Appliance)

9.8.4.25 (Adaptive Security Appliance)

9.12.4.2 (Adaptive Security Appliance)

9.14.1.15 (Adaptive Security Appliance)

9.16.1 (Adaptive Security Appliance)

7.0.0 (Firepower Threat Defense)

7.2.0 (Firepower Threat Defense)

7.2.0.1 (Firepower Threat Defense)

9.14.1 (Adaptive Security Appliance)

9.14.1.10 (Adaptive Security Appliance)

9.14.1.19 (Adaptive Security Appliance)

9.14.1.30 (Adaptive Security Appliance)

9.14.2 (Adaptive Security Appliance)

9.14.2.4 (Adaptive Security Appliance)

9.14.2.8 (Adaptive Security Appliance)

9.14.2.13 (Adaptive Security Appliance)

9.14.2.15 (Adaptive Security Appliance)

9.14.3 (Adaptive Security Appliance)

9.14.3.1 (Adaptive Security Appliance)

9.14.3.9 (Adaptive Security Appliance)

9.14.3.13 (Adaptive Security Appliance)

9.14.3.15 (Adaptive Security Appliance)

9.14.3.18 (Adaptive Security Appliance)

9.15.1 (Adaptive Security Appliance)

9.15.1.1 (Adaptive Security Appliance)

9.15.1.7 (Adaptive Security Appliance)

9.15.1.10 (Adaptive Security Appliance)

9.15.1.21 (Adaptive Security Appliance)

6.6.0 (Firepower Threat Defense)

6.6.0.1 (Firepower Threat Defense)

6.6.1 (Firepower Threat Defense)

6.6.3 (Firepower Threat Defense)

6.6.4 (Firepower Threat Defense)

6.6.5 (Firepower Threat Defense)

6.6.5.1 (Firepower Threat Defense)

6.6.5.2 (Firepower Threat Defense)

7.0.0.1 (Firepower Threat Defense)

7.0.1 (Firepower Threat Defense)

7.0.1.1 (Firepower Threat Defense)

7.0.2 (Firepower Threat Defense)

7.0.2.1 (Firepower Threat Defense)

7.0.3 (Firepower Threat Defense)

7.0.4 (Firepower Threat Defense)

7.1.0.1 (Firepower Threat Defense)

7.1.0.2 (Firepower Threat Defense)

9.8.2.28 (Adaptive Security Appliance)

9.8.2.33 (Adaptive Security Appliance)

9.8.2.35 (Adaptive Security Appliance)

9.8.2.38 (Adaptive Security Appliance)

9.8.3 (Adaptive Security Appliance)

9.8.3.8 (Adaptive Security Appliance)

9.8.3.11 (Adaptive Security Appliance)

9.8.3.14 (Adaptive Security Appliance)

9.8.3.16 (Adaptive Security Appliance)

9.8.3.18 (Adaptive Security Appliance)

9.8.3.21 (Adaptive Security Appliance)

9.8.3.26 (Adaptive Security Appliance)

9.8.3.29 (Adaptive Security Appliance)

9.8.4 (Adaptive Security Appliance)

9.8.4.3 (Adaptive Security Appliance)

9.8.4.7 (Adaptive Security Appliance)

9.8.4.8 (Adaptive Security Appliance)

9.8.4.10 (Adaptive Security Appliance)

9.8.4.12 (Adaptive Security Appliance)

9.8.4.15 (Adaptive Security Appliance)

9.8.4.17 (Adaptive Security Appliance)

9.14.3.11 (Adaptive Security Appliance)

9.14.4.6 (Adaptive Security Appliance)

9.14.4 (Adaptive Security Appliance)

9.14.4.7 (Adaptive Security Appliance)

9.14.4.12 (Adaptive Security Appliance)

9.15.1.15 (Adaptive Security Appliance)

9.15.1.16 (Adaptive Security Appliance)

9.15.1.17 (Adaptive Security Appliance)

9.16.3 (Adaptive Security Appliance)

9.16.3.3 (Adaptive Security Appliance)

9.16.3.14 (Adaptive Security Appliance)

9.17.1 (Adaptive Security Appliance)

9.17.1.7 (Adaptive Security Appliance)

9.17.1.9 (Adaptive Security Appliance)

9.17.1.10 (Adaptive Security Appliance)

9.17.1.11 (Adaptive Security Appliance)

9.17.1.13 (Adaptive Security Appliance)

9.17.1.15 (Adaptive Security Appliance)

9.18.1 (Adaptive Security Appliance)

6.6.7 (Firepower Threat Defense)

9.16.1.28 (Adaptive Security Appliance)

9.16.2 (Adaptive Security Appliance)

9.16.2.3 (Adaptive Security Appliance)

9.16.2.7 (Adaptive Security Appliance)

9.16.2.11 (Adaptive Security Appliance)

9.16.2.13 (Adaptive Security Appliance)

9.16.2.14 (Adaptive Security Appliance)

9.16.3.15 (Adaptive Security Appliance)

9.16.3.19 (Adaptive Security Appliance)

9.16.3.23 (Adaptive Security Appliance)

9.16.4 (Adaptive Security Appliance)

9.16.4.9 (Adaptive Security Appliance)

9.17.1.20 (Adaptive Security Appliance)

9.18.1.3 (Adaptive Security Appliance)

9.18.2 (Adaptive Security Appliance)

9.18.2.5 (Adaptive Security Appliance)

9.18.2.7 (Adaptive Security Appliance)

9.19.1 (Adaptive Security Appliance)

7.0.5 (Firepower Threat Defense)

7.1.0.3 (Firepower Threat Defense)

7.2.1 (Firepower Threat Defense)

7.2.2 (Firepower Threat Defense)

7.2.3 (Firepower Threat Defense)

7.3.0 (Firepower Threat Defense)

7.3.1 (Firepower Threat Defense)

7.3.1.1 (Firepower Threat Defense)

7.2.4 (Firepower Threat Defense)

9.8.4.20 (Adaptive Security Appliance)

9.8.4.26 (Adaptive Security Appliance)

9.8.4.29 (Adaptive Security Appliance)

9.12.1 (Adaptive Security Appliance)

9.12.1.2 (Adaptive Security Appliance)

9.12.1.3 (Adaptive Security Appliance)

9.12.2 (Adaptive Security Appliance)

9.12.2.1 (Adaptive Security Appliance)

9.12.2.4 (Adaptive Security Appliance)

9.12.2.5 (Adaptive Security Appliance)

9.12.2.9 (Adaptive Security Appliance)

9.12.3 (Adaptive Security Appliance)

9.12.3.2 (Adaptive Security Appliance)

9.12.3.7 (Adaptive Security Appliance)

9.12.3.9 (Adaptive Security Appliance)

9.12.4 (Adaptive Security Appliance)

9.12.4.4 (Adaptive Security Appliance)

9.12.4.7 (Adaptive Security Appliance)

9.12.4.8 (Adaptive Security Appliance)

9.12.4.10 (Adaptive Security Appliance)

9.12.4.13 (Adaptive Security Appliance)

9.12.4.18 (Adaptive Security Appliance)

9.12.4.24 (Adaptive Security Appliance)

9.12.4.26 (Adaptive Security Appliance)

9.12.4.29 (Adaptive Security Appliance)

9.12.4.30 (Adaptive Security Appliance)

9.12.4.35 (Adaptive Security Appliance)

9.14.1.6 (Adaptive Security Appliance)

9.8.4.32 (Adaptive Security Appliance)

9.8.4.33 (Adaptive Security Appliance)

9.8.4.34 (Adaptive Security Appliance)

9.8.4.35 (Adaptive Security Appliance)

9.8.4.39 (Adaptive Security Appliance)

9.8.4.40 (Adaptive Security Appliance)

9.8.4.41 (Adaptive Security Appliance)

9.8.4.43 (Adaptive Security Appliance)

9.8.4.44 (Adaptive Security Appliance)

9.8.4.45 (Adaptive Security Appliance)

9.8.4.46 (Adaptive Security Appliance)

9.8.4.48 (Adaptive Security Appliance)

9.12.3.12 (Adaptive Security Appliance)

9.12.4.37 (Adaptive Security Appliance)

9.12.4.38 (Adaptive Security Appliance)

9.12.4.39 (Adaptive Security Appliance)

9.12.4.40 (Adaptive Security Appliance)

9.12.4.41 (Adaptive Security Appliance)

9.12.4.47 (Adaptive Security Appliance)

9.12.4.48 (Adaptive Security Appliance)

9.12.4.50 (Adaptive Security Appliance)

9.12.4.52 (Adaptive Security Appliance)

9.12.4.54 (Adaptive Security Appliance)

9.12.4.55 (Adaptive Security Appliance)

9.12.4.56 (Adaptive Security Appliance)

9.14.4.13 (Adaptive Security Appliance)

9.14.4.14 (Adaptive Security Appliance)

9.14.4.15 (Adaptive Security Appliance)

9.14.4.17 (Adaptive Security Appliance)

9.14.4.22 (Adaptive Security Appliance)

9.14.4.23 (Adaptive Security Appliance)

9.16.4.14 (Adaptive Security Appliance)

9.16.4.18 (Adaptive Security Appliance)

9.17.1.30 (Adaptive Security Appliance)

9.18.2.8 (Adaptive Security Appliance)

9.18.3 (Adaptive Security Appliance)

9.19.1.5 (Adaptive Security Appliance)

9.19.1.9 (Adaptive Security Appliance)

6.2.3.3 (Firepower Threat Defense)

6.2.3.4 (Firepower Threat Defense)

6.2.3.5 (Firepower Threat Defense)

6.2.3.6 (Firepower Threat Defense)

6.2.3.7 (Firepower Threat Defense)

6.2.3.8 (Firepower Threat Defense)

6.2.3.9 (Firepower Threat Defense)

6.2.3.10 (Firepower Threat Defense)

6.2.3.11 (Firepower Threat Defense)

6.2.3.12 (Firepower Threat Defense)

6.2.3.13 (Firepower Threat Defense)

6.2.3.14 (Firepower Threat Defense)

6.2.3.15 (Firepower Threat Defense)

6.2.3.17 (Firepower Threat Defense)

6.2.3.18 (Firepower Threat Defense)

6.4.0.1 (Firepower Threat Defense)

6.4.0.2 (Firepower Threat Defense)

6.4.0.3 (Firepower Threat Defense)

6.4.0.4 (Firepower Threat Defense)

6.4.0.5 (Firepower Threat Defense)

6.4.0.6 (Firepower Threat Defense)

6.4.0.7 (Firepower Threat Defense)

6.4.0.8 (Firepower Threat Defense)

6.4.0.9 (Firepower Threat Defense)

6.4.0.10 (Firepower Threat Defense)

6.4.0.11 (Firepower Threat Defense)

6.4.0.12 (Firepower Threat Defense)

6.4.0.13 (Firepower Threat Defense)

6.4.0.14 (Firepower Threat Defense)

6.4.0.15 (Firepower Threat Defense)

6.4.0.16 (Firepower Threat Defense)

6.6.7.1 (Firepower Threat Defense)

6.7.0 (Firepower Threat Defense)

6.7.0.1 (Firepower Threat Defense)

6.7.0.2 (Firepower Threat Defense)

6.7.0.3 (Firepower Threat Defense)

7.1.0 (Firepower Threat Defense)

6.2.3.1 (Firepower Threat Defense)

6.2.3.2 (Firepower Threat Defense)

9.12.4.58 (Adaptive Security Appliance)

9.16.4.19 (Adaptive Security Appliance)

9.18.3.39 (Adaptive Security Appliance)

7.3.1.2 (Firepower Threat Defense)

6.6.7.2 (Firepower Threat Defense)

9.8.2.45 (Adaptive Security Appliance)

9.14.4.24 (Adaptive Security Appliance)

Тип ПО

ПО программно-аппаратного средства

ПО сетевого программно-аппаратного средства

Операционные системы и аппаратные платформы

Cisco Systems Inc. - -

Уровень опасности уязвимости

Средний уровень опасности (базовая оценка CVSS 2.0 составляет 4)

Средний уровень опасности (базовая оценка CVSS 3.0 составляет 5)

Возможные меры по устранению уязвимости

Использование рекомендаций:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Данные уточняются

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-20355
CVE

EPSS

Процентиль: 72%

0.00726

Низкий

5 Medium

CVSS3

4 Medium

CVSS2

Связанные уязвимости

CVE-2024-20355

CVSS3: 5

nvd

больше 1 года назад

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For

GHSA-2fpj-x8pr-gx6p

CVSS3: 5

github

больше 1 года назад

EPSS

Процентиль: 72%

0.00726

Низкий

5 Medium

CVSS3

4 Medium

CVSS2