Lucene search

[email protected]CVE-2019-1714

HistoryMay 03, 2019 - 5:29 p.m.

CVE-2019-1714

2019-05-0317:29:00

CWE-255

[email protected]

web.nvd.nist.gov

cve-2019-1714

vulnerability

saml 2.0

sso

ssl vpn

cisco asa

cisco ftd

remote access vpn

ntlm

basic authentication

credential management

security issue

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.4%

JSON

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device.

Affected configurations

NVD

Node

ciscofirepower_threat_defenseRange6.2.1–6.2.3.12

ciscofirepower_threat_defenseRange6.3.0–6.3.0.3

ciscoadaptive_security_appliance_softwareRange9.7–9.8.4

ciscoadaptive_security_appliance_softwareRange9.9–9.9.2.50

ciscoadaptive_security_appliance_softwareRange9.10–9.10.1.17

AND

ciscoadaptive_security_virtual_applianceMatch-

ciscoasa-5506-xMatch-

ciscoasa-5506h-xMatch-

ciscoasa-5506w-xMatch-

ciscoasa-5508-xMatch-

ciscoasa-5516-xMatch-

ciscoasa-5525-xMatch-

ciscoasa-5545-xMatch-

ciscoasa-5555-xMatch-

ciscofirepower_2110Match-

ciscofirepower_2120Match-

ciscofirepower_2130Match-

ciscofirepower_2140Match-

ciscofirepower_4100Match-

ciscofirepower_9300Match-

ciscoisa_3000Match-

CPENameOperatorVersion
cisco:firepower_threat_defensecisco firepower threat defenselt6.2.3.12
cisco:firepower_threat_defensecisco firepower threat defenselt6.3.0.3
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarelt9.8.4
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarelt9.9.2.50
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarelt9.10.1.17

CPE	Name	Operator	Version
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.2.3.12
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.3.0.3
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	lt	9.8.4
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	lt	9.9.2.50
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	lt	9.10.1.17

CNA Affected

[
  {
    "product": "Cisco Adaptive Security Appliance (ASA) Software ",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "9.8.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "9.9.2.50",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "9.10.1.17",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Cisco Firepower Threat Defense (FTD) Software ",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "6.2.3.12",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "6.3.0.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.securityfocus.com/bid/108185

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.4%

JSON

Related for CVE-2019-1714

prion1 nessus2 cvelist1 nvd1 cisco1