Improper access control in Cisco Adaptive Security Appliance (ASA) and Cisco Firewall Threat Defense (FTD) - CVE-2023-20264
Published: November 2, 2023
Vulnerability identifier: #VU82682
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-20264
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Adaptive Security Appliance (ASA)
Cisco Firewall Threat Defense (FTD)
Cisco Adaptive Security Appliance (ASA)
Cisco Firewall Threat Defense (FTD)
Detailed vulnerability description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to insufficient validation of the login URL in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN. A remote attacker can trick a victim to access the specially crafted site and intercept the SAML assertion, leading to access to the protected network.
How to mitigate CVE-2023-20264
Install updates from vendor's website.