ID

VAR-201905-0245


CVE

CVE-2019-1714


TITLE

Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Vulnerabilities related to certificate and password management in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-004376

DESCRIPTION

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device. This issue is tracked by Cisco Bug ID CSCvn72570. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components

Trust: 1.98

sources: NVD: CVE-2019-1714 // JVNDB: JVNDB-2019-004376 // BID: 108185 // VULHUB: VHN-149356

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:ltversion:6.3.0.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.9.2.50

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.10.1.17

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.8.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.10

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.3.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.3.12

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.9

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense virtualscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.1

Trust: 0.3

vendor:ciscomodel:firepower security appliancesscope:eqversion:93000

Trust: 0.3

vendor:ciscomodel:firepower seriesscope:eqversion:41000

Trust: 0.3

vendor:ciscomodel:firepower seriesscope:eqversion:21000

Trust: 0.3

vendor:ciscomodel:asa services module for cisco catalyst series switchesscope:eqversion:65000

Trust: 0.3

vendor:ciscomodel:asa services module for cisco series routersscope:eqversion:76000

Trust: 0.3

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x0

Trust: 0.3

vendor:ciscomodel:adaptive security virtual appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.9

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.10

Trust: 0.3

vendor:ciscomodel:series industrial security appliancesscope:eqversion:30000

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:neversion:6.3.0.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:neversion:6.2.3.12

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.8.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.9.2.50

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.10.1.17

Trust: 0.3

sources: BID: 108185 // JVNDB: JVNDB-2019-004376 // NVD: CVE-2019-1714

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1714
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1714
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1714
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-038
value: HIGH

Trust: 0.6

VULHUB: VHN-149356
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1714
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149356
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1714
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1714
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: CVE-2019-1714
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-149356 // JVNDB: JVNDB-2019-004376 // CNNVD: CNNVD-201905-038 // NVD: CVE-2019-1714 // NVD: CVE-2019-1714

PROBLEMTYPE DATA

problemtype:CWE-255

Trust: 1.9

problemtype:NVD-CWE-Other

Trust: 1.0

sources: VULHUB: VHN-149356 // JVNDB: JVNDB-2019-004376 // NVD: CVE-2019-1714

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-038

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201905-038

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004376

PATCH

title:cisco-sa-20190501-asaftd-saml-vpnurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asaftd-saml-vpn

Trust: 0.8

title:Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Repair measures for trust management problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92187

Trust: 0.6

sources: JVNDB: JVNDB-2019-004376 // CNNVD: CNNVD-201905-038

EXTERNAL IDS

db:NVDid:CVE-2019-1714

Trust: 2.8

db:BIDid:108185

Trust: 2.0

db:JVNDBid:JVNDB-2019-004376

Trust: 0.8

db:CNNVDid:CNNVD-201905-038

Trust: 0.7

db:AUSCERTid:ESB-2019.1510.2

Trust: 0.6

db:VULHUBid:VHN-149356

Trust: 0.1

sources: VULHUB: VHN-149356 // BID: 108185 // JVNDB: JVNDB-2019-004376 // CNNVD: CNNVD-201905-038 // NVD: CVE-2019-1714

REFERENCES

url:http://www.securityfocus.com/bid/108185

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asaftd-saml-vpn

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-1714

Trust: 1.4

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1714

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftd-ike-dos

Trust: 0.6

url:https://www.auscert.org.au/bulletins/80090

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-privilege-escalation-via-vpn-saml-authentication-bypass-29202

Trust: 0.6

sources: VULHUB: VHN-149356 // BID: 108185 // JVNDB: JVNDB-2019-004376 // CNNVD: CNNVD-201905-038 // NVD: CVE-2019-1714

CREDITS

Cisco.

Trust: 0.9

sources: BID: 108185 // CNNVD: CNNVD-201905-038

SOURCES

db:VULHUBid:VHN-149356
db:BIDid:108185
db:JVNDBid:JVNDB-2019-004376
db:CNNVDid:CNNVD-201905-038
db:NVDid:CVE-2019-1714

LAST UPDATE DATE

2024-08-14T13:45:03.390000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-149356date:2020-10-07T00:00:00
db:BIDid:108185date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-004376date:2019-05-31T00:00:00
db:CNNVDid:CNNVD-201905-038date:2022-06-01T00:00:00
db:NVDid:CVE-2019-1714date:2023-08-15T15:24:56.340

SOURCES RELEASE DATE

db:VULHUBid:VHN-149356date:2019-05-03T00:00:00
db:BIDid:108185date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-004376date:2019-05-31T00:00:00
db:CNNVDid:CNNVD-201905-038date:2019-05-01T00:00:00
db:NVDid:CVE-2019-1714date:2019-05-03T17:29:00.533