Cisco Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability Vulnerability (cisco-sa-asaftd-rule-bypass-P73ABNWQ)

medium Nessus Plugin ID 160404

Synopsis

The remote device is missing a vendor-supplied security patch (cisco-sa-asaftd-rule-bypass-P73ABNWQ)

Description

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability. This vulnerability could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked. The vulnerability is due to insufficient validation of URLs when portal access rules are configured. An attacker could exploit this vulnerability by accessing certain URLs on the affected device.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvu75615

See Also

http://www.nessus.org/u?b29a97cf

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu75615

Plugin Details

Severity: Medium

ID: 160404

File Name: cisco-sa-asaftd-rule-bypass-P73ABNWQ-ftd.nasl

Version: 1.4

Type: combined

Family: CISCO

Published: 5/2/2022

Updated: 3/31/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.5

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2020-3578

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:cisco:firepower_threat_defense

Exploit Ease: No known exploits are available

Patch Publication Date: 10/21/2020

Vulnerability Publication Date: 10/21/2020

Reference Information

CVE: CVE-2020-3578

CWE: 863

CISCO-SA: cisco-sa-asaftd-rule-bypass-P73ABNWQ

IAVA: 2020-A-0488-S

CISCO-BUG-ID: CSCvu75615