SAML 2.0 Single Sign-On Vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense Software
CVE-2023-20264

6.1 MEDIUM

Key Information:

Summary

A vulnerability in the SAML 2.0 single sign-on implementation for remote access VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to hijack a user's SAML assertion. The vulnerability is due to inadequate validation of the login URL. An attacker could exploit it by persuading a user to visit a site under the attacker's control, which lets the attacker manipulate the login URL and intercept the SAML assertion during the authentication process. A successful exploit could allow the attacker to establish a remote access VPN session with the identity and permissions of the hijacked user, exposing the network behind the VPN.
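The advisory does not say how the login-URL validation falls short. As an added illustration that is not Cisco's code, the following Python contrasts a weak substring check against a strict parse-and-compare check for a trusted identity provider host; the host name and sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the identity provider host this service provider trusts.
TRUSTED_IDP_HOSTS = {"idp.example.com"}


def weak_login_url_check(url: str) -> bool:
    """Weak check: accepts any URL that merely contains the trusted host name.
    This is the kind of validation that lets a manipulated login URL pass."""
    return "idp.example.com" in url


def strict_login_url_check(url: str, trusted_hosts=TRUSTED_IDP_HOSTS) -> bool:
    """Strict check: parse the URL and require an exact, normalized host match,
    HTTPS only, no userinfo component and no unexpected port."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError for a non-numeric port
    except ValueError:
        return False
    if parts.scheme != "https":
        return False
    # In "https://idp.example.com@evil.test/" the trusted name is userinfo, not the host.
    if parts.username is not None or parts.password is not None:
        return False
    host = (parts.hostname or "").lower().rstrip(".")
    if host not in trusted_hosts:
        return False
    return port in (None, 443)


# Constructed sample login URLs: one legitimate, one legitimate but oddly cased,
# and four that should be rejected.
SAMPLE_URLS = [
    "https://idp.example.com/saml/sso",
    "https://IDP.EXAMPLE.COM./saml/sso",
    "https://idp.example.com@evil.test/saml/sso",
    "https://idp.example.com.evil.test/saml/sso",
    "https://evil.test/login?next=https://idp.example.com/",
    "http://idp.example.com/saml/sso",
]


def compare_checks(urls=SAMPLE_URLS):
    """Return {url: (weak_verdict, strict_verdict)} for each sample URL."""
    return {u: (weak_login_url_check(u), strict_login_url_check(u)) for u in urls}


if __name__ == "__main__":
    for url, (weak, strict) in compare_checks().items():
        print(f"weak={weak!s:5} strict={strict!s:5} {url}")
```

The weak check passes four of the six URLs that the strict check rejects and fails the oddly cased legitimate one, showing why exact host comparison after parsing, rather than string matching, is the check a service provider needs.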

Affected Version(s)

Cisco Adaptive Security Appliance (ASA) Software 9.18.1

Cisco Adaptive Security Appliance (ASA) Software 9.18.1.3

Cisco Adaptive Security Appliance (ASA) Software 9.18.2

CVSS V3.1

Score: 6.1
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
