Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2023-2279
Vulnerability from csaf_certbund
Published
2023-09-06 22:00
Modified
2023-09-07 22:00
Summary
Cisco ASA (Adaptive Security Appliance): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Cisco ASA Appliance bietet Funktionen zur Sicherung von Anwendungssoftware, wie beispielsweise Firewall oder VPN.
Firepower ist eine Firewall-Plattform von Cisco
Angriff
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Cisco ASA (Adaptive Security Appliance) und Cisco Firepower ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- CISCO Appliance
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Die Cisco ASA Appliance bietet Funktionen zur Sicherung von Anwendungssoftware, wie beispielsweise Firewall oder VPN.\r\nFirepower ist eine Firewall-Plattform von Cisco", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Cisco ASA (Adaptive Security Appliance) und Cisco Firepower ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- CISCO Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2279 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2279.json" }, { "category": "self", "summary": "WID-SEC-2023-2279 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2279" }, { "category": "external", "summary": "Cisco Security Advisory CISCO-SA-ASAFTD-RAVPN-AUTH-8LYFCKEC vom 2023-09-06", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC" } ], "source_lang": "en-US", "title": "Cisco ASA (Adaptive Security Appliance): Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen", "tracking": { "current_release_date": "2023-09-07T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:43:12.702+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2279", "initial_release_date": "2023-09-06T22:00:00.000+00:00", "revision_history": [ { "date": "2023-09-06T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-09-07T22:00:00.000+00:00", "number": "2", "summary": "Exploit aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Cisco ASA (Adaptive Security Appliance)", "product": { "name": "Cisco ASA (Adaptive Security Appliance)", "product_id": "T029735", "product_identification_helper": { "cpe": "cpe:/h:cisco:adaptive_security_appliance:-" } } }, { "category": "product_name", "name": "Cisco Firepower Threat Defense", "product": { "name": "Cisco Firepower Threat Defense", "product_id": "T029736", "product_identification_helper": { "cpe": "cpe:/a:cisco:firepower:threat_defense" } } } ], "category": "vendor", "name": "Cisco" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-20269", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Cisco ASA (Adaptive Security Appliance) und Cisco Firepower. Es ist m\u00f6glich mithilfe einer Brute-Force-Attacke die Autorisierung im VPN zu umgehen, da unzureichend zwischen Autorisierung, Authentisierung und Accounting getrennt wird. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T029736", "T029735" ] }, "release_date": "2023-09-06T22:00:00Z", "title": "CVE-2023-20269" } ] }
cve-2023-20269
Vulnerability from cvelistv5
Published
2023-09-06 17:09
Modified
2024-10-23 19:00
Severity ?
EPSS score ?
Summary
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.
This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following:
Identify valid credentials that could then be used to establish an unauthorized remote access VPN session.
Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier).
Notes:
Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured.
This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured.
Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: 9.8.1 Version: 9.8.1.5 Version: 9.8.1.7 Version: 9.8.2 Version: 9.8.2.8 Version: 9.8.2.14 Version: 9.8.2.15 Version: 9.8.2.17 Version: 9.8.2.20 Version: 9.8.2.24 Version: 9.8.2.26 Version: 9.8.2.28 Version: 9.8.2.33 Version: 9.8.2.35 Version: 9.8.2.38 Version: 9.8.3.8 Version: 9.8.3.11 Version: 9.8.3.14 Version: 9.8.3.16 Version: 9.8.3.18 Version: 9.8.3.21 Version: 9.8.3 Version: 9.8.3.26 Version: 9.8.3.29 Version: 9.8.4 Version: 9.8.4.3 Version: 9.8.4.7 Version: 9.8.4.8 Version: 9.8.4.10 Version: 9.8.4.12 Version: 9.8.4.15 Version: 9.8.4.17 Version: 9.8.4.25 Version: 9.8.4.20 Version: 9.8.4.22 Version: 9.8.4.26 Version: 9.8.4.29 Version: 9.8.4.32 Version: 9.8.4.33 Version: 9.8.4.34 Version: 9.8.4.35 Version: 9.8.4.39 Version: 9.8.4.40 Version: 9.8.4.41 Version: 9.8.4.43 Version: 9.8.4.44 Version: 9.8.4.45 Version: 9.8.4.46 Version: 9.8.4.48 Version: 9.12.1 Version: 9.12.1.2 Version: 9.12.1.3 Version: 9.12.2 Version: 9.12.2.4 Version: 9.12.2.5 Version: 9.12.2.9 Version: 9.12.3 Version: 9.12.3.2 Version: 9.12.3.7 Version: 9.12.4 Version: 9.12.3.12 Version: 9.12.3.9 Version: 9.12.2.1 Version: 9.12.4.2 Version: 9.12.4.4 Version: 9.12.4.7 Version: 9.12.4.10 Version: 9.12.4.13 Version: 9.12.4.8 Version: 9.12.4.18 Version: 9.12.4.24 Version: 9.12.4.26 Version: 9.12.4.29 Version: 9.12.4.30 Version: 9.12.4.35 Version: 9.12.4.37 Version: 9.12.4.38 Version: 9.12.4.39 Version: 9.12.4.40 Version: 9.12.4.41 Version: 9.12.4.47 Version: 9.12.4.48 Version: 9.12.4.50 Version: 9.12.4.52 Version: 9.12.4.54 Version: 9.12.4.55 Version: 9.12.4.56 Version: 9.12.4.58 Version: 9.14.1 Version: 9.14.1.10 Version: 9.14.1.6 Version: 9.14.1.15 Version: 9.14.1.19 Version: 9.14.1.30 Version: 9.14.2 Version: 9.14.2.4 Version: 9.14.2.8 Version: 9.14.2.13 Version: 9.14.2.15 Version: 9.14.3 Version: 9.14.3.1 Version: 9.14.3.9 Version: 9.14.3.11 Version: 9.14.3.13 Version: 9.14.3.18 Version: 9.14.3.15 Version: 9.14.4 Version: 9.14.4.6 Version: 9.14.4.7 Version: 9.14.4.12 Version: 9.14.4.13 Version: 9.14.4.14 Version: 9.14.4.15 Version: 9.14.4.17 Version: 9.14.4.22 Version: 9.14.4.23 Version: 9.15.1 Version: 9.15.1.7 Version: 9.15.1.10 Version: 9.15.1.15 Version: 9.15.1.16 Version: 9.15.1.17 Version: 9.15.1.1 Version: 9.15.1.21 Version: 9.16.1 Version: 9.16.1.28 Version: 9.16.2 Version: 9.16.2.3 Version: 9.16.2.7 Version: 9.16.2.11 Version: 9.16.2.13 Version: 9.16.2.14 Version: 9.16.3 Version: 9.16.3.3 Version: 9.16.3.14 Version: 9.16.3.15 Version: 9.16.3.19 Version: 9.16.3.23 Version: 9.16.4 Version: 9.16.4.9 Version: 9.16.4.14 Version: 9.16.4.18 Version: 9.16.4.19 Version: 9.16.4.27 Version: 9.16.4.38 Version: 9.17.1 Version: 9.17.1.7 Version: 9.17.1.9 Version: 9.17.1.10 Version: 9.17.1.11 Version: 9.17.1.13 Version: 9.17.1.15 Version: 9.17.1.20 Version: 9.17.1.30 Version: 9.18.1 Version: 9.18.1.3 Version: 9.18.2 Version: 9.18.2.5 Version: 9.18.2.7 Version: 9.18.2.8 Version: 9.18.3 Version: 9.18.3.39 Version: 9.18.3.46 Version: 9.18.3.53 Version: 9.18.3.55 Version: 9.19.1 Version: 9.19.1.5 Version: 9.19.1.9 Version: 9.19.1.12 Version: 9.19.1.18 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:05:36.935Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-asaftd-ravpn-auth-8LyfCkeC", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-20269", "options": [ { "Exploitation": "Active" }, { "Automatable": "No" }, { "Technical Impact": "Partial" } ], "role": "CISA Coordinator", "timestamp": "2023-11-15T16:35:58.673645Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2023-09-13", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-20269" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2024-10-23T19:00:14.394Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Adaptive Security Appliance (ASA) Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "9.8.1" }, { "status": "affected", "version": "9.8.1.5" }, { "status": "affected", "version": "9.8.1.7" }, { "status": "affected", "version": "9.8.2" }, { "status": "affected", "version": "9.8.2.8" }, { "status": "affected", "version": "9.8.2.14" }, { "status": "affected", "version": "9.8.2.15" }, { "status": "affected", "version": "9.8.2.17" }, { "status": "affected", "version": "9.8.2.20" }, { "status": "affected", "version": "9.8.2.24" }, { "status": "affected", "version": "9.8.2.26" }, { "status": "affected", "version": "9.8.2.28" }, { "status": "affected", "version": "9.8.2.33" }, { "status": "affected", "version": "9.8.2.35" }, { "status": "affected", "version": "9.8.2.38" }, { "status": "affected", "version": "9.8.3.8" }, { "status": "affected", "version": "9.8.3.11" }, { "status": "affected", "version": "9.8.3.14" }, { "status": "affected", "version": "9.8.3.16" }, { "status": "affected", "version": "9.8.3.18" }, { "status": "affected", "version": "9.8.3.21" }, { "status": "affected", "version": "9.8.3" }, { "status": "affected", "version": "9.8.3.26" }, { "status": "affected", "version": "9.8.3.29" }, { "status": "affected", "version": "9.8.4" }, { "status": "affected", "version": "9.8.4.3" }, { "status": "affected", "version": "9.8.4.7" }, { "status": "affected", "version": "9.8.4.8" }, { "status": "affected", "version": "9.8.4.10" }, { "status": "affected", "version": "9.8.4.12" }, { "status": "affected", "version": "9.8.4.15" }, { "status": "affected", "version": "9.8.4.17" }, { "status": "affected", "version": "9.8.4.25" }, { "status": "affected", "version": "9.8.4.20" }, { "status": "affected", "version": "9.8.4.22" }, { "status": "affected", "version": "9.8.4.26" }, { "status": "affected", "version": "9.8.4.29" }, { "status": "affected", "version": "9.8.4.32" }, { "status": "affected", "version": "9.8.4.33" }, { "status": "affected", "version": "9.8.4.34" }, { "status": "affected", "version": "9.8.4.35" }, { "status": "affected", "version": "9.8.4.39" }, { "status": "affected", "version": "9.8.4.40" }, { "status": "affected", "version": "9.8.4.41" }, { "status": "affected", "version": "9.8.4.43" }, { "status": "affected", "version": "9.8.4.44" }, { "status": "affected", "version": "9.8.4.45" }, { "status": "affected", "version": "9.8.4.46" }, { "status": "affected", "version": "9.8.4.48" }, { "status": "affected", "version": "9.12.1" }, { "status": "affected", "version": "9.12.1.2" }, { "status": "affected", "version": "9.12.1.3" }, { "status": "affected", "version": "9.12.2" }, { "status": "affected", "version": "9.12.2.4" }, { "status": "affected", "version": "9.12.2.5" }, { "status": "affected", "version": "9.12.2.9" }, { "status": "affected", "version": "9.12.3" }, { "status": "affected", "version": "9.12.3.2" }, { "status": "affected", "version": "9.12.3.7" }, { "status": "affected", "version": "9.12.4" }, { "status": "affected", "version": "9.12.3.12" }, { "status": "affected", "version": "9.12.3.9" }, { "status": "affected", "version": "9.12.2.1" }, { "status": "affected", "version": "9.12.4.2" }, { "status": "affected", "version": "9.12.4.4" }, { "status": "affected", "version": "9.12.4.7" }, { "status": "affected", "version": "9.12.4.10" }, { "status": "affected", "version": "9.12.4.13" }, { "status": "affected", "version": "9.12.4.8" }, { "status": "affected", "version": "9.12.4.18" }, { "status": "affected", "version": "9.12.4.24" }, { "status": "affected", "version": "9.12.4.26" }, { "status": "affected", "version": "9.12.4.29" }, { "status": "affected", "version": "9.12.4.30" }, { "status": "affected", "version": "9.12.4.35" }, { "status": "affected", "version": "9.12.4.37" }, { "status": "affected", "version": "9.12.4.38" }, { "status": "affected", "version": "9.12.4.39" }, { "status": "affected", "version": "9.12.4.40" }, { "status": "affected", "version": "9.12.4.41" }, { "status": "affected", "version": "9.12.4.47" }, { "status": "affected", "version": "9.12.4.48" }, { "status": "affected", "version": "9.12.4.50" }, { "status": "affected", "version": "9.12.4.52" }, { "status": "affected", "version": "9.12.4.54" }, { "status": "affected", "version": "9.12.4.55" }, { "status": "affected", "version": "9.12.4.56" }, { "status": "affected", "version": "9.12.4.58" }, { "status": "affected", "version": "9.14.1" }, { "status": "affected", "version": "9.14.1.10" }, { "status": "affected", "version": "9.14.1.6" }, { "status": "affected", "version": "9.14.1.15" }, { "status": "affected", "version": "9.14.1.19" }, { "status": "affected", "version": "9.14.1.30" }, { "status": "affected", "version": "9.14.2" }, { "status": "affected", "version": "9.14.2.4" }, { "status": "affected", "version": "9.14.2.8" }, { "status": "affected", "version": "9.14.2.13" }, { "status": "affected", "version": "9.14.2.15" }, { "status": "affected", "version": "9.14.3" }, { "status": "affected", "version": "9.14.3.1" }, { "status": "affected", "version": "9.14.3.9" }, { "status": "affected", "version": "9.14.3.11" }, { "status": "affected", "version": "9.14.3.13" }, { "status": "affected", "version": "9.14.3.18" }, { "status": "affected", "version": "9.14.3.15" }, { "status": "affected", "version": "9.14.4" }, { "status": "affected", "version": "9.14.4.6" }, { "status": "affected", "version": "9.14.4.7" }, { "status": "affected", "version": "9.14.4.12" }, { "status": "affected", "version": "9.14.4.13" }, { "status": "affected", "version": "9.14.4.14" }, { "status": "affected", "version": "9.14.4.15" }, { "status": "affected", "version": "9.14.4.17" }, { "status": "affected", "version": "9.14.4.22" }, { "status": "affected", "version": "9.14.4.23" }, { "status": "affected", "version": "9.15.1" }, { "status": "affected", "version": "9.15.1.7" }, { "status": "affected", "version": "9.15.1.10" }, { "status": "affected", "version": "9.15.1.15" }, { "status": "affected", "version": "9.15.1.16" }, { "status": "affected", "version": "9.15.1.17" }, { "status": "affected", "version": "9.15.1.1" }, { "status": "affected", "version": "9.15.1.21" }, { "status": "affected", "version": "9.16.1" }, { "status": "affected", "version": "9.16.1.28" }, { "status": "affected", "version": "9.16.2" }, { "status": "affected", "version": "9.16.2.3" }, { "status": "affected", "version": "9.16.2.7" }, { "status": "affected", "version": "9.16.2.11" }, { "status": "affected", "version": "9.16.2.13" }, { "status": "affected", "version": "9.16.2.14" }, { "status": "affected", "version": "9.16.3" }, { "status": "affected", "version": "9.16.3.3" }, { "status": "affected", "version": "9.16.3.14" }, { "status": "affected", "version": "9.16.3.15" }, { "status": "affected", "version": "9.16.3.19" }, { "status": "affected", "version": "9.16.3.23" }, { "status": "affected", "version": "9.16.4" }, { "status": "affected", "version": "9.16.4.9" }, { "status": "affected", "version": "9.16.4.14" }, { "status": "affected", "version": "9.16.4.18" }, { "status": "affected", "version": "9.16.4.19" }, { "status": "affected", "version": "9.16.4.27" }, { "status": "affected", "version": "9.16.4.38" }, { "status": "affected", "version": "9.17.1" }, { "status": "affected", "version": "9.17.1.7" }, { "status": "affected", "version": "9.17.1.9" }, { "status": "affected", "version": "9.17.1.10" }, { "status": "affected", "version": "9.17.1.11" }, { "status": "affected", "version": "9.17.1.13" }, { "status": "affected", "version": "9.17.1.15" }, { "status": "affected", "version": "9.17.1.20" }, { "status": "affected", "version": "9.17.1.30" }, { "status": "affected", "version": "9.18.1" }, { "status": "affected", "version": "9.18.1.3" }, { "status": "affected", "version": "9.18.2" }, { "status": "affected", "version": "9.18.2.5" }, { "status": "affected", "version": "9.18.2.7" }, { "status": "affected", "version": "9.18.2.8" }, { "status": "affected", "version": "9.18.3" }, { "status": "affected", "version": "9.18.3.39" }, { "status": "affected", "version": "9.18.3.46" }, { "status": "affected", "version": "9.18.3.53" }, { "status": "affected", "version": "9.18.3.55" }, { "status": "affected", "version": "9.19.1" }, { "status": "affected", "version": "9.19.1.5" }, { "status": "affected", "version": "9.19.1.9" }, { "status": "affected", "version": "9.19.1.12" }, { "status": "affected", "version": "9.19.1.18" } ] }, { "product": "Cisco Firepower Threat Defense Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "6.2.3" }, { "status": "affected", "version": "6.2.3.1" }, { "status": "affected", "version": "6.2.3.2" }, { "status": "affected", "version": "6.2.3.3" }, { "status": "affected", "version": "6.2.3.4" }, { "status": "affected", "version": "6.2.3.5" }, { "status": "affected", "version": "6.2.3.6" }, { "status": "affected", "version": "6.2.3.7" }, { "status": "affected", "version": "6.2.3.8" }, { "status": "affected", "version": "6.2.3.10" }, { "status": "affected", "version": "6.2.3.11" }, { "status": "affected", "version": "6.2.3.9" }, { "status": "affected", "version": "6.2.3.12" }, { "status": "affected", "version": "6.2.3.13" }, { "status": "affected", "version": "6.2.3.14" }, { "status": "affected", "version": "6.2.3.15" }, { "status": "affected", "version": "6.2.3.16" }, { "status": "affected", "version": "6.2.3.17" }, { "status": "affected", "version": "6.2.3.18" }, { "status": "affected", "version": "6.6.0" }, { "status": "affected", "version": "6.6.0.1" }, { "status": "affected", "version": "6.6.1" }, { "status": "affected", "version": "6.6.3" }, { "status": "affected", "version": "6.6.4" }, { "status": "affected", "version": "6.6.5" }, { "status": "affected", "version": "6.6.5.1" }, { "status": "affected", "version": "6.6.5.2" }, { "status": "affected", "version": "6.6.7" }, { "status": "affected", "version": "6.6.7.1" }, { "status": "affected", "version": "6.4.0" }, { "status": "affected", "version": "6.4.0.1" }, { "status": "affected", "version": "6.4.0.3" }, { "status": "affected", "version": "6.4.0.2" }, { "status": "affected", "version": "6.4.0.4" }, { "status": "affected", "version": "6.4.0.5" }, { "status": "affected", "version": "6.4.0.6" }, { "status": "affected", "version": "6.4.0.7" }, { "status": "affected", "version": "6.4.0.8" }, { "status": "affected", "version": "6.4.0.9" }, { "status": "affected", "version": "6.4.0.10" }, { "status": "affected", "version": "6.4.0.11" }, { "status": "affected", "version": "6.4.0.12" }, { "status": "affected", "version": "6.4.0.13" }, { "status": "affected", "version": "6.4.0.14" }, { "status": "affected", "version": "6.4.0.15" }, { "status": "affected", "version": "6.4.0.16" }, { "status": "affected", "version": "6.7.0" }, { "status": "affected", "version": "6.7.0.1" }, { "status": "affected", "version": "6.7.0.2" }, { "status": "affected", "version": "6.7.0.3" }, { "status": "affected", "version": "7.0.0" }, { "status": "affected", "version": "7.0.0.1" }, { "status": "affected", "version": "7.0.1" }, { "status": "affected", "version": "7.0.1.1" }, { "status": "affected", "version": "7.0.2" }, { "status": "affected", "version": "7.0.2.1" }, { "status": "affected", "version": "7.0.3" }, { "status": "affected", "version": "7.0.4" }, { "status": "affected", "version": "7.0.5" }, { "status": "affected", "version": "7.0.6" }, { "status": "affected", "version": "7.1.0" }, { "status": "affected", "version": "7.1.0.1" }, { "status": "affected", "version": "7.1.0.2" }, { "status": "affected", "version": "7.1.0.3" }, { "status": "affected", "version": "7.2.0" }, { "status": "affected", "version": "7.2.0.1" }, { "status": "affected", "version": "7.2.1" }, { "status": "affected", "version": "7.2.2" }, { "status": "affected", "version": "7.2.3" }, { "status": "affected", "version": "7.2.4" }, { "status": "affected", "version": "7.2.4.1" }, { "status": "affected", "version": "7.2.5" }, { "status": "affected", "version": "7.3.0" }, { "status": "affected", "version": "7.3.1" }, { "status": "affected", "version": "7.3.1.1" }, { "status": "affected", "version": "7.4.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.\r\n\r This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following:\r\n\r \r Identify valid credentials that could then be used to establish an unauthorized remote access VPN session.\r Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier).\r \r Notes:\r\n\r \r Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured.\r This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured.\r \r Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability." } ], "exploits": [ { "lang": "en", "value": "In August 2023, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability once available and apply one of the suggested workarounds in the meantime.\r\n\r\nFor information on observed attempted exploitation of this vulnerability, see the Cisco blog post on Akira Ransomware Targeting VPNs without Multi-Factor Authentication [\"https://blogs.cisco.com/security/akira-ransomware-targeting-vpns-without-multi-factor-authentication\"]. As explained in this blog post, organizations can significantly reduce the risk of unauthorized access, including a potential ransomware infection, by enabling MFA in VPN implementations." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:58:36.839Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-asaftd-ravpn-auth-8LyfCkeC", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC" } ], "source": { "advisory": "cisco-sa-asaftd-ravpn-auth-8LyfCkeC", "defects": [ "CSCwh23100", "CSCwh45108" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20269", "datePublished": "2023-09-06T17:09:29.663Z", "dateReserved": "2022-10-27T18:47:50.373Z", "dateUpdated": "2024-10-23T19:00:14.394Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.