SB2018042313 - Information disclosure in Cisco AnyConnect Secure Mobility Client
Published: April 23, 2018
Security Bulletin ID
SB2018042313
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low: 1
- Medium: 0
- High: 0
- Critical: 0
Description
This security bulletin contains information about 1 security vulnerability.
1) Session fixation (CVE-ID: CVE-2018-0229)
The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information. The weakness exists in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication: ASA or FTD Software has no mechanism to verify that an authentication request originated directly from the AnyConnect client, so a request started by someone else is treated the same as one started by the legitimate client. A remote attacker can trick the victim into clicking a specially crafted link and authenticating to the company's Identity Provider (IdP), hijack the resulting valid authentication token, use it to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software, and gain access to potentially sensitive information. Exploitation therefore requires user interaction (the victim must follow the attacker's link and complete authentication).
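The pattern described above, as an added toy model that is not Cisco code and does not describe ASA/FTD internals: a service provider (the gateway's role) issues an authentication request, an identity provider authenticates whoever completes it, and the initiator of the request collects the resulting session. The `bind_to_initiator` switch, the `initiator_secret`, the `collect_session` pickup step and the sample user are all assumptions of this model; the point is that when the SP cannot tell whether the user agent finishing a login is the one that started it, an attacker-started request completed by the victim yields a session the attacker can pick up.

```python
"""Toy model of session fixation in an SP-initiated SSO flow (illustration only)."""
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Assertion:
    """Minimal stand-in for a SAML assertion: who was authenticated, for which request."""
    in_response_to: str
    subject: str


class IdentityProvider:
    """Toy IdP: anyone holding valid credentials can complete any request ID."""

    def __init__(self, users):
        self._users = dict(users)  # constructed sample credentials, not real data

    def authenticate(self, request_id, username, password):
        if self._users.get(username) != password:
            return None
        return Assertion(in_response_to=request_id, subject=username)


class ServiceProvider:
    """Toy SP (the role a VPN gateway plays in the flow).

    bind_to_initiator=False models the weakness: the SP cannot tell whether the
    user agent finishing the login is the one that started it.
    bind_to_initiator=True models the fix: completion must present a secret that
    was handed only to the initiating user agent (think: a cookie set when the
    request was created) and that a crafted link cannot carry to someone else.
    """

    def __init__(self, bind_to_initiator):
        self.bind_to_initiator = bind_to_initiator
        self._pending = {}   # request_id -> initiator secret
        self._ready = {}     # request_id -> session token awaiting pickup
        self.sessions = {}   # session token -> authenticated subject

    def start_login(self):
        """Issue an authentication request; returns (request_id, initiator_secret)."""
        request_id = secrets.token_hex(8)
        initiator_secret = secrets.token_hex(16)
        self._pending[request_id] = initiator_secret
        return request_id, initiator_secret

    def complete_login(self, assertion, presented_secret):
        """Consume an assertion from the IdP. Returns True if a session was created."""
        expected = self._pending.get(assertion.in_response_to)
        if expected is None:
            return False  # unknown or already-used request ID
        if self.bind_to_initiator and not (
            presented_secret is not None
            and secrets.compare_digest(expected, presented_secret)
        ):
            return False  # assertion answers a request this user agent did not start
        del self._pending[assertion.in_response_to]
        token = secrets.token_hex(16)
        self.sessions[token] = assertion.subject
        self._ready[assertion.in_response_to] = token
        return True

    def collect_session(self, request_id):
        """Whoever knows the request ID picks up its session token (None if absent)."""
        return self._ready.pop(request_id, None)


def run_fixation_attack(bind_to_initiator):
    """Play the attacker-starts, victim-authenticates scenario.

    Returns the subject the attacker ends up logged in as, or None if the SP refused.
    """
    idp = IdentityProvider({"alice": "correct horse"})  # constructed sample user
    sp = ServiceProvider(bind_to_initiator)

    # 1. Attacker starts a login; the request ID is what the crafted link carries.
    request_id, _attacker_secret = sp.start_login()

    # 2. Victim follows the link and authenticates to the IdP for that request ID.
    assertion = idp.authenticate(request_id, "alice", "correct horse")

    # 3. Victim's user agent returns the assertion to the SP. It never received the
    #    initiator secret (a link cannot hand over the attacker's cookie), so it has none.
    sp.complete_login(assertion, presented_secret=None)

    # 4. Attacker, who knows request_id, collects whatever session it produced.
    token = sp.collect_session(request_id)
    return sp.sessions.get(token) if token else None


def run_legitimate_login(bind_to_initiator):
    """Same flow with one user agent starting and finishing the login."""
    idp = IdentityProvider({"alice": "correct horse"})  # constructed sample user
    sp = ServiceProvider(bind_to_initiator)
    request_id, initiator_secret = sp.start_login()
    assertion = idp.authenticate(request_id, "alice", "correct horse")
    sp.complete_login(assertion, presented_secret=initiator_secret)
    token = sp.collect_session(request_id)
    return sp.sessions.get(token) if token else None
```

Running the two scenarios shows the asymmetry: `run_fixation_attack(False)` hands the attacker a session as `alice`, while `run_fixation_attack(True)` yields nothing because the victim's completion cannot prove it started the request, and `run_legitimate_login(True)` still succeeds for a normal user. The general lesson is the one the advisory states: an SP must bind the completion of an authentication request to the user agent that initiated it, not merely check that the request ID is one it issued.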
Remediation
Install the update from the vendor's website.