SecurityTracker.com
Category:   Device (Firewall)  >   Cisco ASA
Vendors:   Cisco
Cisco ASA AnyConnect Client SAML SSO Flaw Lets Remote Users Establish Authenticated AnyConnect Sessions in Certain Cases
SecurityTracker Alert ID:  1040711
SecurityTracker URL:  http://securitytracker.com/id/1040711
CVE Reference:   CVE-2018-0229
Date:  Apr 19 2018
Impact:   Host/resource access via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   A vulnerability was reported in Cisco ASA. A remote user can establish an authenticated AnyConnect session in certain cases.

A remote user who can hijack a valid authentication token can use that token to establish an authenticated AnyConnect session through the target device.

Systems configured with SAML 2.0 Identity Provider (IdP), SAML 2.0 Service Provider (SP), and AnyConnect Remote Access VPN are affected.

The following models are affected:

ASA 5500 Series
ASA 5500-X Series
ASA Services Module for Cisco Catalyst 6500 Series and Cisco 7600 Series
Adaptive Security Virtual Appliance (ASAv)

The vendor has assigned bug ID CSCvg65072 to this vulnerability.

Impact:   A remote user can establish an authenticated AnyConnect session in certain cases.
Solution:   The vendor has issued a fix (9.7.1.24, 9.8.2.28, 9.9.2.1).

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect
Cause:   Authentication error

Message History:   None.



Copyright 2021, SecurityGlobal.net LLC