Nessus plugin CISCO-SA-ASA5500X-ENTROPY-6V9BHVYP-ASA.NASL
History: Mar 31, 2023 - 12:00 a.m.

Cisco Adaptive Security Appliance Software Low Entropy Keys (cisco-sa-asa5500x-entropy-6v9bHVYP)

This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
Tags: cisco asa, software vulnerability, drbg, prng, cisco adaptive security appliance, cryptographic collision, remote attacker, private key, ecdsa, rsa key pair, cisco bids, cisco security advisory, nessus scanner

EPSS: 0.001 (Low), Percentile: 44.8%

A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG) in Cisco Adaptive Security Appliance (ASA) Software for Cisco ASA 5506-X, ASA-5508-X and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device.

Note that devices running a fixed version of Cisco ASA Software may also be affected if they are configured with an ECDSA or RSA key pair that has been generated while running an affected release. If there is doubt, Cisco recommends regenerating all ECDSA and RSA key pairs that are configured on the device.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(173732);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/06");

  script_cve_id("CVE-2023-20107");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvm90511");
  script_xref(name:"CISCO-SA", value:"cisco-sa-asa5500x-entropy-6v9bHVYP");
  script_xref(name:"IAVA", value:"2023-A-0165");

  script_name(english:"Cisco Adaptive Security Appliance Software Low Entropy Keys (cisco-sa-asa5500x-entropy-6v9bHVYP)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
  script_set_attribute(attribute:"description", value:
"A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG)
in Cisco Adaptive Security Appliance (ASA) Software for Cisco ASA 5506-X, ASA-5508-X and ASA 5516-X Firewalls could
allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the
private key of an affected device.

Note that devices running a fixed version of Cisco ASA Software may also be affected if they are configured with an
ECDSA or RSA key pair that has been generated while running an affected release. If there is doubt, Cisco recommends
regenerating all ECDSA and RSA key pairs that are configured on the device.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
 number.");
  # https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a3888719");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm90511");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvm90511");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-20107");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(20);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/03/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/02/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/31");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:adaptive_security_appliance_software");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/Cisco/ASA/model", "Settings/ParanoidReport");

  exit(0);
}

include('ccf.inc');

# Can't determine if the key-pair has been changed to one generated by an external device
if (report_paranoia < 2) audit(AUDIT_PARANOID);

var product_info = cisco::get_product_info(name:'Cisco Adaptive Security Appliance (ASA) Software');

if (product_info.model !~ '55(16|06[HW]?|08)-X')
  audit(AUDIT_HOST_NOT, "an affected Cisco ASA product");

var vuln_ranges = [
  {'min_ver': '0.0', 'fix_ver': '9.12.1'}
];

var reporting = make_array(
  'port'    , 0,
  'severity', SECURITY_HOLE,
  'version' , product_info['version'],
  'bug_id'  , 'CSCvm90511'
);

cisco::check_and_report(
  product_info:product_info,
  reporting:reporting,
  vuln_ranges:vuln_ranges
);
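As an added example (not part of the Tenable plugin above), the same affected-model and fixed-version test in Python, extended to parse Cisco's ASA version notation such as 9.8(4)12 and to flag the key-regeneration caveat the advisory describes. The assess() helper and its keys_regenerated_after_upgrade flag are assumptions for illustration; the model pattern and fix version are the plugin's own.

```python
import re

# Affected model pattern and fix version, taken from the plugin above.
AFFECTED_MODEL = re.compile(r'55(16|06[HW]?|08)-X')
FIX_VERSION = '9.12.1'


def parse_asa_version(ver):
    """Turn an ASA version string such as '9.8(4)12', '9.12(1)' or
    '9.12.1' into a tuple of ints that orders correctly."""
    parts = tuple(int(p) for p in re.findall(r'\d+', ver))
    if not parts:
        raise ValueError('no version digits in %r' % ver)
    return parts


def is_vulnerable_version(ver, fix_ver=FIX_VERSION):
    """True when ver sorts strictly below the first fixed release."""
    v, f = parse_asa_version(ver), parse_asa_version(fix_ver)
    n = max(len(v), len(f))           # pad so 9.12(1) == 9.12.1
    return v + (0,) * (n - len(v)) < f + (0,) * (n - len(f))


def assess(model, version, keys_regenerated_after_upgrade=False):
    """Hypothetical triage helper (not from the plugin).
    Returns 'not_affected', 'vulnerable' or 'review_keys'."""
    if not AFFECTED_MODEL.search(model):
        return 'not_affected'
    if is_vulnerable_version(version):
        return 'vulnerable'
    # A fixed release still serves weak keys if the RSA/ECDSA key pairs
    # were generated while an affected release was running.
    if keys_regenerated_after_upgrade:
        return 'not_affected'
    return 'review_keys'


if __name__ == '__main__':
    # Constructed sample inventory, not real devices.
    inventory = [
        ('ASA5506-X', '9.8(4)12', False),
        ('ASA5516-X', '9.12(1)', False),
        ('ASA5516-X', '9.14(2)', True),
        ('ASA5525-X', '9.8(4)', False),
    ]
    for model, ver, regen in inventory:
        print(model, ver, '->', assess(model, ver, regen))
```

The 'review_keys' outcome is the case the plugin cannot see from the version alone, which is why it only runs in paranoid mode.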
Vendor   Product                               Version   CPE
cisco    adaptive_security_appliance_software            cpe:/a:cisco:adaptive_security_appliance_software
