New vulnerabilities in Cisco Adaptive Security Appliance – October 26, 2014

Posted: October 26, 2014 in Vulnerabilities

Three new vulnerabilities in Cisco Adaptive Security Appliance

Cisco has fixed three vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software, all published in the same Cisco advisory (cisco-sa-20141008-asa, linked below): a Smart Call Home Digital Certificate Validation Vulnerability, a VPN Failover Command Injection Vulnerability, and a Clientless SSL VPN Information Disclosure and Denial of Service Vulnerability.

Administrators are advised to upgrade to a fixed ASA Software release, as listed in the Cisco advisory, from the manufacturer's web site.

Danger level: Low
Fix available: Yes

Number of vulnerabilities: 3
CVSSv2 Rating (in the order of the CVE IDs below):
#1 CVE-2014-3389: AV:A/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C = Base 7.9 / Temporal 5.8
#2 CVE-2014-3393: AV:A/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C = Base 4.8 / Temporal 3.5
#3 CVE-2014-3394: AV:A/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C = Base 4.8 / Temporal 3.5

CVE ID:

CVE-2014-3389
CVE-2014-3393
CVE-2014-3394

[Image: Cisco ASA 5500 Series Adaptive Security Appliance]

#1 System compromise in Cisco Adaptive Security Appliance (CVE-2014-3389)

VPN Failover Command Injection Vulnerability

Attack vector: Adjacent network (CVSS AV:A)
Impact: System compromise

Affected products:
Cisco ASA 5500 and Cisco ASA 5500-X Series Adaptive Security Appliances

Affected versions:
Cisco Adaptive Security Appliance (ASA) Software 7.x, 8.x and 9.x (the fixed releases within each train are listed in the Cisco advisory)

Description:
[CVE-2014-3389] This vulnerability could allow an unauthenticated remote attacker to completely compromise a vulnerable system.

The vulnerability is due to insufficient validation of the messages received on the failover interface. An attacker could exploit it by sending crafted packets to the failover interface IP address; a successful exploit allows the attacker to execute arbitrary commands on the target system, hence the system-compromise rating.

NOTE: Successful exploitation requires that the system is configured for failover and is running in routed firewall mode. Since the attacker must be able to reach the failover interface address, keeping the failover link on a dedicated, isolated segment (standard Cisco guidance for failover deployments) limits exposure but is not a substitute for upgrading.

Solution: Upgrade to a fixed ASA Software release listed in the Cisco advisory.

References:
http://tools.cisco.com/security/center/viewAlert.x?alertId=35912
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa

#2 Security Bypass in Cisco Adaptive Security Appliance (CVE-2014-3393)

Clientless SSL VPN Information Disclosure and Denial of Service Vulnerability

Attack vector: Adjacent network (CVSS AV:A)
Impact: Security bypass

Affected products:
Cisco ASA 5500 and Cisco ASA 5500-X Series Adaptive Security Appliances

Affected versions:
Cisco Adaptive Security Appliance (ASA) Software 8.x and 9.x (the fixed releases within each train are listed in the Cisco advisory)

Description:
[CVE-2014-3393] The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability is due to improper authentication enforcement in the Clientless SSL VPN portal framework. An unauthenticated remote attacker could exploit it to bypass the portal's authentication checks. The vulnerable code is only reachable on devices where Clientless SSL VPN (webvpn) is enabled on an interface.

Solution: Upgrade to a fixed ASA Software release listed in the Cisco advisory.

References:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa
http://tools.cisco.com/security/center/viewAlert.x?alertId=35917

#3 Security Bypass in Cisco Adaptive Security Appliance (CVE-2014-3394)

Smart Call Home Digital Certificate Validation Vulnerability

Attack vector: Adjacent network (CVSS AV:A)
Impact: Security bypass

Affected products:
Cisco ASA 5500 and Cisco ASA 5500-X Series Adaptive Security Appliances

Affected versions:
Cisco Adaptive Security Appliance (ASA) Software 8.x and 9.x (the fixed releases within each train are listed in the Cisco advisory)

Description:
[CVE-2014-3394] The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability is due to the way the Smart Call Home (SCH) feature is implemented: when SCH is configured, the ASA automatically installs a VeriSign root CA certificate in a trustpoint, and that trustpoint can then be used to validate certificates presented to other features on the device. An attacker holding a valid certificate issued under that root could present it to a feature that uses certificate authentication and bypass digital certificate validation. The vulnerability is only reachable on devices where SCH has been configured.

Solution: Upgrade to a fixed ASA Software release listed in the Cisco advisory.

References:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa
http://tools.cisco.com/security/center/viewAlert.x?alertId=35918
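Each of the three entries above hinges on whether a feature is actually configured: failover in routed mode (#1), Clientless SSL VPN enabled on an interface (#2) and Smart Call Home (#3). The following Python script, an added example rather than anything from Cisco or the original post, parses a constructed ASA running-config excerpt and reports which of the three attack surfaces the device exposes. It assumes standard ASA CLI syntax and that the trustpoint the ASA creates for SCH is named `_SmartCallHome_ServerCA`; it checks feature exposure only and says nothing about whether the running release is fixed, which has to be checked against the Cisco advisory.

```python
# Constructed sample running-config excerpt (not from a real device).
SAMPLE_CONFIG = """\
ASA Version 9.1(2)
!
hostname asa-edge
!
interface GigabitEthernet0/7
 description LAN/STATE Failover Interface
!
failover
failover lan unit primary
failover lan interface folink GigabitEthernet0/7
failover key *****
failover link folink GigabitEthernet0/7
failover interface ip folink 192.168.255.1 255.255.255.252 standby 192.168.255.2
!
crypto ca trustpoint _SmartCallHome_ServerCA
 crl configure
!
webvpn
 enable outside
!
service call-home
call-home
 profile CiscoTAC-1
  active
"""

# Trustpoint name the ASA creates when Smart Call Home is configured (assumption).
SCH_TRUSTPOINT = "_SmartCallHome_ServerCA"


def parse_asa_config(text):
    """Extract the facts the three advisories depend on from a running-config."""
    facts = {
        "version": None,
        "transparent_mode": False,   # 'firewall transparent' absent => routed mode
        "failover": False,
        "failover_interface_ip": None,
        "webvpn_interfaces": [],
        "call_home": False,
        "sch_trustpoint": False,
    }
    section = None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        indented = raw.startswith(" ")
        line = raw.strip()
        if not indented:
            section = line           # a top-level command opens a new block
        if line.startswith("ASA Version "):
            facts["version"] = line.split(" ", 2)[2]
        elif line == "firewall transparent":
            facts["transparent_mode"] = True
        elif line == "failover":     # bare 'failover' enables it; 'no failover' does not match
            facts["failover"] = True
        elif line.startswith("failover interface ip "):
            facts["failover_interface_ip"] = line.split()[4]
        elif indented and section == "webvpn" and line.startswith("enable "):
            facts["webvpn_interfaces"].append(line.split()[1])
        elif line == "service call-home":
            facts["call_home"] = True
        elif line == "crypto ca trustpoint " + SCH_TRUSTPOINT:
            facts["sch_trustpoint"] = True
    return facts


def triage(text):
    """Return (facts, findings); findings are (CVE, reason) pairs for exposed features."""
    f = parse_asa_config(text)
    findings = []
    if f["failover"] and not f["transparent_mode"]:
        findings.append(("CVE-2014-3389",
                         "failover enabled in routed mode; failover interface IP %s "
                         "is reachable attack surface" % f["failover_interface_ip"]))
    if f["webvpn_interfaces"]:
        findings.append(("CVE-2014-3393",
                         "Clientless SSL VPN enabled on: " + ", ".join(f["webvpn_interfaces"])))
    if f["call_home"] or f["sch_trustpoint"]:
        detail = "Smart Call Home configured"
        if f["sch_trustpoint"]:
            detail += "; trustpoint %s present" % SCH_TRUSTPOINT
        findings.append(("CVE-2014-3394", detail))
    return f, findings


if __name__ == "__main__":
    facts, findings = triage(SAMPLE_CONFIG)
    print("ASA Software", facts["version"])
    for cve, reason in findings:
        print(cve, "-", reason)
```

Feed it the output of `show running-config` from each device; a device with a transparent-mode `firewall transparent` line and no `webvpn` or `service call-home` blocks reports nothing, while the sample above reports all three. Treat a finding as "this code path is reachable", and then confirm the release against the fixed versions in the advisory.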

 


Manufacturer URLs (Cisco Systems, Inc):

http://www.cisco.com/…/product_data_sheet0900aecd802930c5.html
http://www.cisco.com/en/US/products/ps6120/
