Detections
Analytics

Cisco ASA Software Multiple Vulnerabilities (cisco-sa-20140409-asa)

high Nessus Plugin ID 73533

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco ASA device is affected by one or more of the following vulnerabilities :

 - An issue exists in the Adaptive Security Device Manager (ADSM) due to improper privilege assignment to users with a privilege level of zero. This issue allows an authenticated, remote attacker to gain administrative privileges. (CVE-2014-2126)

 - An issue exists in the SSL VPN portal when the Clientless SSL VPN feature is used due to improper handling of management session information. An authenticated, remote attacker can exploit this to gain administrative privileges. (CVE-2014-2127)

 - An issue exists in the SSL VPN feature due to improper handling of authentication cookies. An unauthenticated, remote attacker can exploit this to bypass authentication, resulting in unauthorized access to internal network resources. (CVE-2014-2128)

 - An issue exists in the SIP inspection engine due to improper handling of SIP packets. An unauthenticated, remote attacker can exploit this to cause memory exhaustion, resulting in a denial of service.
 (CVE-2014-2129)

Note that that the verification check for the presence of CVE-2014-2128 is a best effort approach and may result in potential false positives.

Solution

Apply the relevant patch or workaround referenced in Cisco Security Advisory cisco-sa-20140409-asa.

See Also

http://www.nessus.org/u?687b1a20

Plugin Details

Severity: High

ID: 73533

File Name: cisco-sa-20140409-asa.nasl

Version: 1.9

Type: local

Family: CISCO

Published: 4/15/2014

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 8.5

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:cisco:adaptive_security_appliance_software, cpe:/h:cisco:asa_6500, cpe:/h:cisco:asa_1000v, cpe:/h:cisco:asa_5500, cpe:/h:cisco:asa_7600

Required KB Items: Host/Cisco/ASA, Host/Cisco/ASA/model

Exploit Ease: No known exploits are available

Patch Publication Date: 7/12/2013

Vulnerability Publication Date: 4/9/2014

Reference Information

CVE: CVE-2014-2126, CVE-2014-2127, CVE-2014-2128, CVE-2014-2129

BID: 66745, 66746, 66747, 66748