Posts for: #Cisco Secure Firewall 3100 Series

Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Command Injection Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.0 Security Advisory

TL;DR 📌

A command injection vulnerability has been identified in Cisco Secure Firewall Management Center (FMC) and Secure Firewall Threat Defense (FTD) Software. This medium-severity issue allows authenticated local attackers to execute arbitrary commands on the underlying operating system. Cisco has released software updates to address this vulnerability, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the command-line interface (CLI) of Cisco Secure Firewall Management Center (FMC) and Secure Firewall Threat Defense (FTD) Software has been discovered. This flaw arises from improper input validation for specific CLI commands, enabling an authenticated local attacker to inject operating system commands. If exploited, the attacker could escape the restricted command prompt and execute arbitrary commands as root on the underlying operating system. Successful exploitation requires valid Administrator credentials.


Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.8 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in the Geolocation-Based Remote Access VPN feature of Cisco Secure Firewall Threat Defense Software. This flaw allows unauthenticated attackers to bypass security policies, potentially granting unauthorized access to restricted networks. No workarounds are available, and software updates are necessary to mitigate the risk.

What happened 🕵️‍♂️

A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could enable an unauthenticated, remote attacker to bypass configured policies that control HTTP connections based on geographical location. The issue arises from incomplete URL parsing, and an attacker could exploit it by sending crafted HTTP connections. Successful exploitation could lead to unauthorized access to networks that should otherwise be protected.


Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.7 Security Advisory

TL;DR 📌

A vulnerability in the TLS 1.3 implementation for Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Software on Firepower 3100 and 4200 Series devices could allow an authenticated remote attacker to cause a denial of service (DoS) condition. This affects the device’s ability to accept new SSL/TLS or VPN requests. Cisco has released software updates to address this issue, and there are workarounds available.
