Cisco ASA Software Multiple Vulnerabilities (cisco-sa-20140409-asa)

High Nessus Plugin ID 73533

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco ASA device is affected by one or more of the following vulnerabilities :

- An issue exists in the Adaptive Security Device Manager (ADSM) due to improper privilege assignment to users with a privilege level of zero. This issue allows an authenticated, remote attacker to gain administrative privileges. (CVE-2014-2126)

- An issue exists in the SSL VPN portal when the Clientless SSL VPN feature is used due to improper handling of management session information. An authenticated, remote attacker can exploit this to gain administrative privileges. (CVE-2014-2127)

- An issue exists in the SSL VPN feature due to improper handling of authentication cookies. An unauthenticated, remote attacker can exploit this to bypass authentication, resulting in unauthorized access to internal network resources. (CVE-2014-2128)

- An issue exists in the SIP inspection engine due to improper handling of SIP packets. An unauthenticated, remote attacker can exploit this to cause memory exhaustion, resulting in a denial of service.
(CVE-2014-2129)

Note that that the verification check for the presence of CVE-2014-2128 is a best effort approach and may result in potential false positives.

Solution

Apply the relevant patch or workaround referenced in Cisco Security Advisory cisco-sa-20140409-asa.

See Also

http://www.nessus.org/u?687b1a20

Plugin Details

Severity: High

ID: 73533

File Name: cisco-sa-20140409-asa.nasl

Version: 1.9

Type: local

Family: CISCO

Published: 2014/04/15

Updated: 2018/11/15

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 8.5

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:adaptive_security_appliance_software, cpe:/h:cisco:asa_5500, cpe:/h:cisco:asa_6500, cpe:/h:cisco:asa_7600, cpe:/h:cisco:asa_1000V

Required KB Items: Host/Cisco/ASA, Host/Cisco/ASA/model

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/07/12

Vulnerability Publication Date: 2014/04/09

Reference Information

CVE: CVE-2014-2126, CVE-2014-2127, CVE-2014-2128, CVE-2014-2129

BID: 66745, 66746, 66747, 66748