Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-ISE-CSRF-NFAKXRP5.NASL
HistoryApr 05, 2024 - 12:00 a.m.

Cisco Identity Services Engine XSRF (cisco-sa-ise-csrf-NfAKXrp5)

2024-04-0500:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
3
cisco
identity services engine
xsrf
cross-site request forgery
vulnerability
web-based interface
csrf protection
cve-2024-20368
cisco bids
security advisory
nessus scanner

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

According to its self-reported version, Cisco Identity Services Engine Cross-Site Request Forgery is affected by a vulnerability.

  • A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the affected device with the privileges of the targeted user.
    (CVE-2024-20368)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#TRUSTED 467ebe16a07b6c382c4189709c7f940f3b72fc6bde2710bd5f7ea2f74d2a640705144d016db78aaa9f8807f3b62f3074dcbc1392ebb6c7c45194857566169512de1648ec7b3781047e5abfd4478e83e9db723a1ad568f0d9754eb7e484baa1585e3c65c980db3219fa8efdef0de359bbfb68e882930113edc67b70b8b5cbeea98c15cc0d40cb6d75ee2e3af9f5ba8ff2ca57d783da805fda0a88efc1f5f5d6231ab8dec6614e78830f8d0d90845249e56795232e023f0e49841d91af30bf6d0703d37ddfcd939653f76b3f330bbc40fc822b2308110652f3eed68171c8ecbb99ff4422d217ff9c6e10a74af651be2d094afca75e4feab4aee8665a083aab6f517dd278169b465a77918763f2bcaec3401b084bda4924baebf7c639734ac2522909bc43bbedbdc604c680d486b055e28c45a32197d49dd0acf746855da362cabaea02f6885c345430e1514f513dfa75b00704e17a7c93368df46bfd5732bf534302b4e694f3a7fc47a93c021786b87f20e85623ea715b1258af01ebbcc79c4f96204366274a231f71c6fa7c85f15e1f99401938b59a5296f6d7ec5df0aaf03572d8eb117eb0131c46b57bde717e1cc44c20b945c84182aafa56452a4d48e96e29c25c4e10bf4c35947dad6431c2a4b3aacc57d9c430ba7f53c0e643463ce02503b2c07a811b5e2624419dc2e1cf6f26e6e26780f7462a0cd8bf590cea0b291adc
#TRUST-RSA-SHA256 7c81b833549d84c3acdfe464eac96454e855ddbca2862abd6f0f1bdc70544e5d0398b47524807fd304406358c15310b7330fe083ee289d690f7cbf1d0db2fe3da4b3a0a4fd0d6cdb08de055c64799cf5e91cc1fe3f6089e0a3153cda650f077a787d46b8a7c4f225ee9f745e5214a6f9dbfcea2351b0a50400c892fdfbaadf52512e5b1d76eddb0bc2687fa828270ebeb27c1e090acf52e0beb712e6325fba765a41462652b3694ebebbc4e048ac49dac296ce57dde1198b713b80a1fff7ea94a31b1e6330127bd321308b9ad658fd73d4400e1053a64735e60ec5a5543db0620534e9027dc8fea0e792a1faeb65fe7325dd7317668ee90ce359fd0a0a532402d705dfd55b33457efca781939aa4b0c727f7107f3c7f196fd2d59df510c9dc306f52df8e60a43e83c00a82340c9346622d04b1b2ad9cf08c5ff5261a27b681d9c158bd44a750126aa48854b425a96ae30f4fc867be1dd0934ea3eed7cd182f8738fa48949d3ea4133f7580bfe1a74b172141db0bbb698f0893735f94ee5087ba2c0469a3706b247dfafec0f83fa54e07dd7b2bc2f953952361d64d4c92a151fe5f9423691d7eb306039a28aef6ad3685bc2072b82df2a67d87e8c8753302a0d6852a13f7dcad51d27a09bc1a1d0f3bcb43b10c1563e536ebad19a5a53c571c55ed7e7103a5dde2d22aaf60dab30abd50e9ecff3d66c4d127887926f249d0edaf
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(192943);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/19");

  script_cve_id("CVE-2024-20368");
  script_xref(name:"IAVA", value:"2024-A-0198");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwf44736");
  script_xref(name:"CISCO-SA", value:"cisco-sa-ise-csrf-NfAKXrp5");

  script_name(english:"Cisco Identity Services Engine XSRF (cisco-sa-ise-csrf-NfAKXrp5)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco Identity Services Engine Cross-Site Request Forgery is affected by a
vulnerability.

  - A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow
    an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform
    arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF protections for
    the web-based management interface of an affected device. An attacker could exploit this vulnerability by
    persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker
    to perform arbitrary actions on the affected device with the privileges of the targeted user.
    (CVE-2024-20368)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-NfAKXrp5
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?89758453");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwf44736");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwf44736");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20368");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(352);

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/04/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:identity_services_engine");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:identity_services_engine");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:identity_services_engine_software");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_ise_detect.nbin");
  script_require_keys("Host/Cisco/ISE/version");

  exit(0);
}

include('ccf.inc');
include('cisco_ise_func.inc');

var product_info = cisco::get_product_info(name:'Cisco Identity Services Engine Software');

var vuln_ranges = [
  {'min_ver':'0.0', 'fix_ver':'3.2.0.542', required_patch:'5'},
  {'min_ver':'3.3', 'fix_ver':'3.3.999', required_patch:'2'}  # patch 2 actual version still not available
];

var required_patch = get_required_patch(vuln_ranges:vuln_ranges, version:product_info['version']);  

var reporting = make_array(
  'port'          , 0,
  'severity'      , SECURITY_HOLE,
  'version'       , product_info['version'],
  'flags'         , {'xsrf':TRUE},
  'bug_id'        , 'CSCwf44736',
  'disable_caveat', TRUE
);

if (product_info['version'] =~ '3.3')
  reporting ['fix'] = 'See Vendor Advisory';

cisco::check_and_report(
  product_info:product_info,
  reporting:reporting,
  vuln_ranges:vuln_ranges,
  required_patch: required_patch
);
VendorProductVersionCPE
ciscoidentity_services_enginecpe:/h:cisco:identity_services_engine
ciscoidentity_services_enginecpe:/a:cisco:identity_services_engine
ciscoidentity_services_engine_softwarecpe:/a:cisco:identity_services_engine_software

Related

cvelist 1
nvd 1
cve 1
cisco 1
cvelist
cvelist
CVE-2024-20368
2024-04-03 16:23:02
nvd
nvd
CVE-2024-20368
2024-04-03 17:15:50
cve
cve
CVE-2024-20368
2024-04-03 17:15:50
cisco
cisco
Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability
2024-04-03 16:00:00

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for CISCO-SA-ISE-CSRF-NFAKXRP5.NASL
cvelist1nvd1cve1cisco1