Authentication Bypass in Cisco Adaptive Security Appliance and Firepower Threat Defense
CVE-2023-20247

4.3MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Adaptive Security Appliance (ASA) Software; Cisco Firepower Threat Defense Software
Vendor: CVE Published:; 1 November 2023

Summary

A security flaw exists in the remote access SSL VPN functionality of Cisco Adaptive Security Appliance and Firepower Threat Defense software. This flaw can be exploited by authenticated remote attackers, enabling them to bypass multiple certificate authentication policies. The vulnerability arises from improper error handling during the authentication process. Attackers can send specially crafted requests while establishing a remote access VPN session, allowing them to connect using only a valid username and password, thereby gaining access without the necessary certificates. This exploitation retains the privileges and permissions linked to the legitimate connection profile, potentially leading to unauthorized access.

Affected Version(s)

Cisco Adaptive Security Appliance (ASA) Software 9.8.1

Cisco Adaptive Security Appliance (ASA) Software 9.8.1.5

Cisco Adaptive Security Appliance (ASA) Software 9.8.1.7

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 1, 2023
Vulnerability Reserved
Oct 27, 2022