CVE-2019-1714

HIGH

8.6

CVSS Severity Score

EPSS Score0.1600%

EPSS Percentile13.65th

PublishedMay 3, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device.

Affected Platforms (CPE)

📦

Cisco

Firepower Threat Defense

>= 6.2.1 and < 6.2.3.12

📦

Cisco

Firepower Threat Defense

>= 6.3.0 and < 6.3.0.3

💻

Cisco

Adaptive Security Appliance Software

>= 9.7 and < 9.8.4

💻

Cisco

Adaptive Security Appliance Software

>= 9.9 and < 9.9.2.50

💻

Cisco

Adaptive Security Appliance Software

>= 9.10 and < 9.10.1.17

References & Advisories

🔗 http://www.securityfocus.com/bid/108185

🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn

🔗 http://www.securityfocus.com/bid/108185

🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn

Vulnerability Description

Affected Platforms (CPE)

Firepower Threat Defense

Firepower Threat Defense

Adaptive Security Appliance Software

Adaptive Security Appliance Software

Adaptive Security Appliance Software

References & Advisories

Related Vulnerabilities