Two vulnerabilities in Cisco ASA
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-12246 CVE-2017-12265 |
| CWE-ID | CWE-20 CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco ASA 5500-X Series Hardware solutions / Security hardware applicances Cisco Adaptive Security Appliance (ASA) Hardware solutions / Security hardware applicances Cisco ASA 5580 Hardware solutions / Security hardware applicances Cisco ASA 5500 Hardware solutions / Security hardware applicances |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU8700
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12246
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software due to incomplete input validation of the HTTP header. A remote attacker send a specially crafted HTTP request to the local IP address and cause the affected device to reload. Successful exploitation of the vulnerability is trggerred by IPv4 or IPv6 traffic.
The vulnerability is addressed in the following versions: 10.0.13(0.161), 10.0.11(0.77), 10.0.8(40.131), 9.9.1(20.21), 9.9.1(10.4), 9.8.1(12.59), 9.8.1(1.118), 9.8.1(0.11), 9.7.1(0.155), 9.6.2(0.135), 9.8(0.99), 9.7(1.5), 9.6(3), 9.6(2.104), 9.6(2.23), 9.5(3.7), 9.4(4.190), 9.4(4.6), 9.2(4.19), 9.1(7.17).
Cisco Adaptive Security Appliance (ASA): 8.0 - 9.8.0.56
Cisco ASA 5580: 8.1.2
Cisco ASA 5500: 8.0.5 - 8.4.x
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Cross-site scripting
EUVDB-ID: #VU8703
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12265
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Cisco Adaptive Security Appliance (ASA): 9.4.4.5 - 9.8.1
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
