Details of VAR-201905-0245

ID

VAR-201905-0245

CVE

CVE-2019-1714

TITLE

Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Vulnerabilities related to certificate and password management in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-004376

DESCRIPTION

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device. This issue is tracked by Cisco Bug ID CSCvn72570. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components

Trust: 1.98

sources: NVD: CVE-2019-1714 // JVNDB: JVNDB-2019-004376 // BID: 108185 // VULHUB: VHN-149356

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.9.2.50	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.10.1.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.8.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.2.3.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense virtual	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	firepower security appliances	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	21000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco catalyst series switches	scope:	eq	version:	65000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco series routers	scope:	eq	version:	76000	Trust: 0.3
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	adaptive security virtual appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10	Trust: 0.3
vendor:	cisco	model:	series industrial security appliances	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.3.0.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.2.3.12	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.8.4	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.9.2.50	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.10.1.17	Trust: 0.3

sources: BID: 108185 // JVNDB: JVNDB-2019-004376 // NVD: CVE-2019-1714

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1714
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1714
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1714
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-038
value:	HIGH
Trust: 0.6
VULHUB:	VHN-149356
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1714
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-149356
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1714
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1714
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	CVE-2019-1714
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-149356 // JVNDB: JVNDB-2019-004376 // CNNVD: CNNVD-201905-038 // NVD: CVE-2019-1714 // NVD: CVE-2019-1714

PROBLEMTYPE DATA

problemtype:	CWE-255	Trust: 1.9
problemtype:	NVD-CWE-Other	Trust: 1.0

sources: VULHUB: VHN-149356 // JVNDB: JVNDB-2019-004376 // NVD: CVE-2019-1714

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-038

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201905-038

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004376

PATCH

title:	cisco-sa-20190501-asaftd-saml-vpn	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn	Trust: 0.8
title:	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Repair measures for trust management problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92187	Trust: 0.6

sources: JVNDB: JVNDB-2019-004376 // CNNVD: CNNVD-201905-038

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1714	Trust: 2.8
db:	BID	id:	108185	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-004376	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-038	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1510.2	Trust: 0.6
db:	VULHUB	id:	VHN-149356	Trust: 0.1

sources: VULHUB: VHN-149356 // BID: 108185 // JVNDB: JVNDB-2019-004376 // CNNVD: CNNVD-201905-038 // NVD: CVE-2019-1714

REFERENCES

url:	http://www.securityfocus.com/bid/108185	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asaftd-saml-vpn	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1714	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1714	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftd-ike-dos	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80090	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-asa-privilege-escalation-via-vpn-saml-authentication-bypass-29202	Trust: 0.6

sources: VULHUB: VHN-149356 // BID: 108185 // JVNDB: JVNDB-2019-004376 // CNNVD: CNNVD-201905-038 // NVD: CVE-2019-1714

CREDITS

Cisco.

Trust: 0.9

sources: BID: 108185 // CNNVD: CNNVD-201905-038

SOURCES

db:	VULHUB	id:	VHN-149356
db:	BID	id:	108185
db:	JVNDB	id:	JVNDB-2019-004376
db:	CNNVD	id:	CNNVD-201905-038
db:	NVD	id:	CVE-2019-1714

LAST UPDATE DATE

2024-08-14T13:45:03.390000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149356	date:	2020-10-07T00:00:00
db:	BID	id:	108185	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004376	date:	2019-05-31T00:00:00
db:	CNNVD	id:	CNNVD-201905-038	date:	2022-06-01T00:00:00
db:	NVD	id:	CVE-2019-1714	date:	2023-08-15T15:24:56.340

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149356	date:	2019-05-03T00:00:00
db:	BID	id:	108185	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004376	date:	2019-05-31T00:00:00
db:	CNNVD	id:	CNNVD-201905-038	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2019-1714	date:	2019-05-03T17:29:00.533