There is a present safety alert from BSI for Cisco Firepower and ASA. Read right here what threatens the IT safety of CISCO Appliance methods, how excessive the chance is and what it’s best to do about it.
Federal workplace for Security in Information Technology (BSI) issued a safety advisory for Cisco Firepower and ASA on May 22, 2024. The safety vulnerability impacts the CISCO Appliance working system and Cisco Firepower and Cisco ASA (Adaptive Security Appliance) merchandise.
The newest producer suggestions for updates, workarounds and safety patches for this vulnerability could be discovered right here: Cisco Security Advisory cisco-sa-asaftd-saml-bypass-KkNvXyKW (From 22 May 2024). Some helpful sources are listed later on this article.
Cisco Firepower and ASA Security Advisory – Risk: Moderate
Risk degree: 3 (average)
CVSS Base Score: 5.8
CVSS interim rating: 5.1
Remote management: Ja
The Common Vulnerability Scoring System (CVSS) is used to evaluate the vulnerability of pc methods. The CVSS normal makes it potential to match potential or precise safety dangers primarily based on numerous standards so as to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of the vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, person interplay) and its outcomes. For short-term impact, body situations that will change over time are thought-about within the take a look at. The severity of the present vulnerability is classed as “average” in line with the CVSS with a base rating of 5.8.
Cisco Firepower and ASA Bug: Multiple vulnerabilities permit safety measures to be bypassed
Firepower is a firewall platform from CiscoThe Cisco ASA Appliance offers safety capabilities for utility software program, akin to a firewall or VPN.
A distant attacker can exploit a number of vulnerabilities in Cisco Firepower and Cisco ASA (Adaptive Security Appliance) to bypass safety measures.
Vulnerabilities are categorized utilizing the CVE (Common Vulnerability and Exposure) designation system by their particular person serial numbers CVE-2024-20293 and CVE-2024-20355.
Systems affected by the safety hole at a look
working system
CISCO Appliance
Products
Cisco Firepower Threat Defense Software (cpe:/a:cisco:firepower)
Cisco ASA (Adaptive Security Appliance) (cpe:/h:cisco:adaptive_security_appliance)
General steps for coping with IT vulnerabilities
- Users of the affected apps ought to keep up-to-date. When safety holes are identified, producers are required to repair them rapidly by creating a patch or workaround. When new safety updates can be found, set up them instantly.
- For info, see the sources listed within the subsequent part. This typically accommodates further details about the most recent model of the software program in query and the supply of safety patches or efficiency ideas.
- If you’ve gotten any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to commonly test the desired sources to see if a brand new safety replace is on the market.
Sources for updates, patches and workarounds
Here you will see that some hyperlinks with details about bug stories, safety fixes and workarounds.
Cisco Security Advisory cisco-sa-asaftd-saml-bypass-KkNvXyKW vom 2024-05-22 (22.05.2024)
For extra info, see:
Cisco Security Advisory cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX vom 2024-05-22 (22.05.2024)
For extra info, see:
Version historical past of this safety alert
This is the primary model of this IT safety discover for Cisco Firepower and ASA. This doc will probably be up to date as updates are introduced. You can see the adjustments made utilizing the model historical past under.
May 22, 2024 – First model
+++ Editorial word: This doc relies on present BSI information and will probably be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++
observe News.de you might be right here Facebook, Twitter, Pinterest once more YouTube? Here you will see that sizzling information, present movies and a direct line to the editorial staff.
kns/roj/information.de