CWE
203
Advisory Published

cisco-sa-asaftd-tls-bb-2g9uWkP: Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability

First published: Wed Oct 21 2020(Updated: )

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP

Credit: This vulnerability was found during the resolution a Cisco TAC support case

Affected SoftwareAffected VersionHow to fix
Cisco ASA Software=9.14<9.14.1.30>=Earlier than 9.13<=9.13<9.13.1.13
9.14.1.30
9.13.1.13
Cisco FTD Software>=Earlier than 6.4.0<=6.4.0<6.4.0.10
6.4.0.10

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

  • What is the vulnerability ID for this Cisco ASA and FTD vulnerability?

    The vulnerability ID for this Cisco ASA and FTD vulnerability is cisco-sa-asaftd-tls-bb-2g9uWkP.

  • What is the title of this vulnerability?

    The title of this vulnerability is 'Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability'.

  • What is the severity rating for this vulnerability?

    The severity rating for this vulnerability is medium with a value of 5.3.

  • Which software and versions are affected by this vulnerability?

    Cisco ASA Software versions 9.14 up to 9.14.1.30 and versions earlier than 9.13 up to 9.13.1.13, as well as Cisco FTD Software versions earlier than 6.4.0 up to 6.4.0.10 are affected by this vulnerability.

  • How can an attacker exploit this vulnerability?

    An unauthenticated, remote attacker can exploit this vulnerability to gain access to sensitive information through the TLS handler of Cisco ASA Software and Cisco FTD Software on Cisco Firepower 1000 Series firewalls.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203