ID

VAR-202005-0682


CVE

CVE-2020-3125


TITLE

Cisco Adaptive Security Appliance Authentication vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-005357

DESCRIPTION

A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access. The vulnerability is due to insufficient identity verification of the KDC when a successful authentication response is received. An attacker could exploit this vulnerability by spoofing the KDC server response to the ASA device. This malicious response would not have been authenticated by the KDC. A successful attack could allow an attacker to bypass Kerberos authentication. Cisco Adaptive Security Appliance (ASA) The software contains an authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. The platform provides features such as highly secure access to data and network resources. The following products and versions are affected: Cisco ASA Software 9.6 and earlier, 9.7, 9.8, 9.9, 9.10, 9.12, 9.13

Trust: 1.8

sources: NVD: CVE-2020-3125 // JVNDB: JVNDB-2020-005357 // VULHUB: VHN-181250 // VULMON: CVE-2020-3125

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.9.2.66

Trust: 1.0

vendor:ciscomodel:asa 5540scope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.10.1.37

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.3.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.13

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.13.1.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.10

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.12

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.9

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.8

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.8.4.15

Trust: 1.0

vendor:ciscomodel:asa 5550scope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5520scope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5510scope:eqversion:9.10\(1.220\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5510scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5512-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5515-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5520scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5525-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5540scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5545-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5550scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5555-xscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-005357 // NVD: CVE-2020-3125

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3125
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3125
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-005357
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202005-198
value: CRITICAL

Trust: 0.6

VULHUB: VHN-181250
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3125
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3125
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-005357
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181250
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3125
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3125
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005357
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181250 // VULMON: CVE-2020-3125 // JVNDB: JVNDB-2020-005357 // CNNVD: CNNVD-202005-198 // NVD: CVE-2020-3125 // NVD: CVE-2020-3125

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-181250 // JVNDB: JVNDB-2020-005357 // NVD: CVE-2020-3125

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-198

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202005-198

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005357

PATCH

title:cisco-asa-kerberos-bypass-96Gghe2sSurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS

Trust: 0.8

title:Cisco Adaptive Security Appliances Software Remediation measures for authorization problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118788

Trust: 0.6

title:Cisco: Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-asa-kerberos-bypass-96Gghe2sS

Trust: 0.1

title:主流供应商的一些攻击性漏洞汇总url:https://github.com/r0eXpeR/supplier

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2020/05/07/cisco_may_patches/

Trust: 0.1

sources: VULMON: CVE-2020-3125 // JVNDB: JVNDB-2020-005357 // CNNVD: CNNVD-202005-198

EXTERNAL IDS

db:NVDid:CVE-2020-3125

Trust: 2.6

db:JVNDBid:JVNDB-2020-005357

Trust: 0.8

db:CNNVDid:CNNVD-202005-198

Trust: 0.7

db:AUSCERTid:ESB-2020.1615

Trust: 0.6

db:AUSCERTid:ESB-2020.1615.2

Trust: 0.6

db:NSFOCUSid:47679

Trust: 0.6

db:VULHUBid:VHN-181250

Trust: 0.1

db:VULMONid:CVE-2020-3125

Trust: 0.1

sources: VULHUB: VHN-181250 // VULMON: CVE-2020-3125 // JVNDB: JVNDB-2020-005357 // CNNVD: CNNVD-202005-198 // NVD: CVE-2020-3125

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-asa-kerberos-bypass-96gghe2ss

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2020-3125

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3125

Trust: 0.8

url:http://www.nsfocus.net/vulndb/47679

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1615/

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-privilege-escalation-via-kerberos-32196

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1615.2/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/287.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/r0exper/supplier

Trust: 0.1

sources: VULHUB: VHN-181250 // VULMON: CVE-2020-3125 // JVNDB: JVNDB-2020-005357 // CNNVD: CNNVD-202005-198 // NVD: CVE-2020-3125

SOURCES

db:VULHUBid:VHN-181250
db:VULMONid:CVE-2020-3125
db:JVNDBid:JVNDB-2020-005357
db:CNNVDid:CNNVD-202005-198
db:NVDid:CVE-2020-3125

LAST UPDATE DATE

2024-08-14T13:24:33.962000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181250date:2020-05-14T00:00:00
db:VULMONid:CVE-2020-3125date:2023-08-16T00:00:00
db:JVNDBid:JVNDB-2020-005357date:2020-06-12T00:00:00
db:CNNVDid:CNNVD-202005-198date:2020-08-12T00:00:00
db:NVDid:CVE-2020-3125date:2023-08-16T16:17:07.960

SOURCES RELEASE DATE

db:VULHUBid:VHN-181250date:2020-05-06T00:00:00
db:VULMONid:CVE-2020-3125date:2020-05-06T00:00:00
db:JVNDBid:JVNDB-2020-005357date:2020-06-12T00:00:00
db:CNNVDid:CNNVD-202005-198date:2020-05-06T00:00:00
db:NVDid:CVE-2020-3125date:2020-05-06T17:15:11.807