Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-ASAFTD-INFO-DISCLOSE-9EJTYCMB-ASA.NASLHistoryJun 19, 2020 - 12:00 a.m.
Cisco Adaptive Security Appliance Software Web Services Information Disclosure (cisco-sa-asaftd-info-disclose-9eJtycMB)
2020-06-1900:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
7.5 High
AI Score
Confidence
High
A vulnerability exists in the web services interface of Cisco Adaptive Security Appliance (ASA) Software due to the handling of parsing of invalid URLs. An unauthenticated, remote attacker can exploit this, by sending a crafted GET request to the web services interface, in order to retrieve memory contents, which could lead to the disclosure of confidential information.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Note that Nessus has not tested for this issue but has instead relied only on the applicationβs self-reported version number.
#TRUSTED 41df0113b088009fe6e6ef001303e74f53f0767e128df3e9e0c7c55c2bb2f7ba3ad5f44e8778bbee03e1e86407c141622bb8157cce47354615daa714787b4c12b44f7f4618e20f1cf50e82151f345b42e3c7b264dabdbec31836c093574a63831e2f679a0708e246b9cd03d4548f95a2372b9a7478070d8a948f995ff1569d01c51e3889baf35ae6196327d990ecdb3f3f220af76fc98c2180a8f9a2ff3f8fe8ce469a0db753a9b956600f08db7060db7883947d9a6bd3840e3bc85572062c5edde4e35f7835321ea39567359a60afcbbb6c38f8e8315614e9313767eb65ebf324ae553963e8d56fcb567036e77d8260862f8b1870b74cffd0e24ef7c1ce0461f6e8a343fe92a93f496bb13bde944965bc02991f21c7c296f5c58529a0eae823aec8833f247fc36b066a9750ca358b11fce52c9b10bad003fdc88c9dee4ad7b1a5427b46677a640df05ba8989f795018f34f69f4c2ec33c994bbb643a4b1b32e24975352f29a1d53031cafe0fe7c051df8b0360e1d4ad65d85793025f877d6560df3e97537940586bda5421ecdac1274b8f53bb7c197f3744439ba41394c48b10ccefae8f3794444af4ed8a57b1a81b4878b33e0d479ed44c01b8ba60da83888126f0be92dd8e1172306757c4298463bc89027b6688623ea42828cd9dda9071b0cdd2d84ae2e0b24ba3b426ed40a1dbcd7776c817bbfcacde74d5db65f284c7a
#TRUST-RSA-SHA256 97209a9d75410433923bd8e4e5ce2eefef5dc259a82af6ff1ba40a23736d04d712115c38bcec6f5f9e29d1a3246dcbab19f8fc7579272fa92e7c7d3f28126c7637f0f954437fdde3721fd8f9ca9bbd40b375054c32bd7a7266e186d4707a2be20db826641aa60ee8aa681a05c829383af1d87c1a0baa0e61e10d3c360e4112f17b8aa20c74a79b157864060200644cdbfca28fcf1d610b75c3382faba7274e7bfcd6ced00a676ff70f25b180a6667cee07792408919d85657b5445c53eaca46bb00de76f5b8027365b07ddc4127d9d8ca34d352a354f75367d9e194a5c362bfb526994c1a5bdf0106c31421b926e465dbdd6a50d0982ac0452175326d20bc31442e147ed1cc08364abb1bb62ba30d21f733f496396e69a03e0ba433ef33ce2bb17d047d0171312d2892a2fb25d8d4544f2a566b3a4a3765fffdbc270fdcc273818b3c40464f43af9b34a82869ebaf7b208457faa2a531b5e525754539c575c478633c5e6a96c46ef4ed5a64dc82a1b4634d17acad5bf7fdf0f8bd744c62ef8748e03de451e66dcc7b4d6c3a6615db132de43052975647ec4ea064028b807a19f20873521092142b5762efc0197f55a8e43e4bccfd5004c45cd6023b63f7c17aa5fe1c49994067d094392c9c42f8bce311570a93cabdc48c5c3937d5e1c74778a78b2238b3f4b993459ea286e373fac08e978660b91d54debef1ad3c404ba63bc
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(137659);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/15");
script_cve_id("CVE-2020-3259");
script_xref(name:"CISCO-BUG-ID", value:"CSCvt15163");
script_xref(name:"CISCO-SA", value:"cisco-sa-asaftd-info-disclose-9eJtycMB");
script_xref(name:"IAVA", value:"2020-A-0205-S");
script_xref(name:"CEA-ID", value:"CEA-2020-0042");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2024/03/07");
script_name(english:"Cisco Adaptive Security Appliance Software Web Services Information Disclosure (cisco-sa-asaftd-info-disclose-9eJtycMB)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"A vulnerability exists in the web services interface of Cisco Adaptive Security Appliance (ASA) Software due to the
handling of parsing of invalid URLs. An unauthenticated, remote attacker can exploit this, by sending a crafted GET
request to the web services interface, in order to retrieve memory contents, which could lead to the disclosure of
confidential information.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ca70b7e2");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt15163");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in the Cisco Security Advisory");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-3259");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/06");
script_set_attribute(attribute:"patch_publication_date", value:"2020/05/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:adaptive_security_appliance_software");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
script_require_keys("Host/Cisco/ASA");
exit(0);
}
include('cisco_workarounds.inc');
include('ccf.inc');
product_info = cisco::get_product_info(name:'Cisco Adaptive Security Appliance (ASA) Software');
vuln_ranges = [
{'min_ver' : '0.0', 'fix_ver': '9.6.4.41'},
{'min_ver' : '9.7', 'fix_ver': '9.8.4.20'},
{'min_ver' : '9.9', 'fix_ver': '9.9.2.67'},
{'min_ver' : '9.10', 'fix_ver': '9.10.1.40'},
{'min_ver' : '9.12', 'fix_ver': '9.12.3.9'},
{'min_ver' : '9.13', 'fix_ver': '9.13.1.10'}
];
workarounds = make_list(
CISCO_WORKAROUNDS['IKEv2_enabled'],
CISCO_WORKAROUNDS['ssl_vpn']
);
reporting = make_array(
'port' , 0,
'severity' , SECURITY_WARNING,
'version' , product_info['version'],
'bug_id' , 'CSCvt15163',
'cmds' , make_list('show running-config')
);
cisco::check_and_report(
product_info:product_info,
workarounds:workarounds,
reporting:reporting,
vuln_ranges:vuln_ranges
);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | cpe:/a:cisco:adaptive_security_appliance_software |
Related
attackerkb
attackerkb
CVE-2020-3259
2020-05-06 00:00:00
hivepro
hivepro
Akira Ransomware Exploits Cisco Flaw for Maximum Impact
2024-02-20 11:19:52
ptsecurity
ptsecurity
PT-2020-03: Information disclosure in Π‘isco ASA and Cisco FTD
2020-02-21 00:00:00
cisa_kev
cisa_kev
Cisco ASA and FTD Information Disclosure Vulnerability
2024-02-15 00:00:00
cve
cve
CVE-2020-3259
2020-05-06 17:15:00
cisco
cisco
prion
prion
Design/Logic Flaw
2020-05-06 17:15:00
ics
ics
#StopRansomware: Akira Ransomware
2024-04-18 12:00:00
thn
thn
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers
2024-04-19 11:01:00
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
2024-02-16 15:42:00
threatpost
threatpost
Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA
2020-05-07 18:43:04
avleonov
avleonov