Multiple vulnerabilities in Cisco Adaptive Security Appliance and Firepower Threat Defense



Published: 2020-05-07 | Updated: 2023-03-15
Risk High
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2020-3187
CVE-2020-3125
CWE-ID CWE-22
CWE-287
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe
Cisco Adaptive Security Appliance (ASA)
Hardware solutions / Security hardware applicances

Cisco Firepower Threat Defense (FTD)
Hardware solutions / Security hardware applicances

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

Updated 11.05.2020
Added vulnerability #2

1) Path traversal

EUVDB-ID: #VU27592

Risk: High

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-3187

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in the web services interface. A remote attacker can send a specially crafted HTTP request and read or delete arbitrary files on the targeted system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cisco Adaptive Security Appliance (ASA): 9.5 - 9.13

Cisco Firepower Threat Defense (FTD): 6.2.3 - 6.5.0

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Improper Authentication

EUVDB-ID: #VU27688

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-3125

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists in the Kerberos authentication feature due to insufficient identity verification of the KDC when a successful authentication response is received. A remote attacker can spoof the KDC server response to the ASA device and bypass Kerberos authentication.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco Adaptive Security Appliance (ASA): 9.6 - 9.13

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###