CVE-2024-20355 - OpenCVE

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-05-22T16:54:35.619Z

Updated: 2024-08-01T21:59:42.284Z

Reserved: 2023-11-08T15:08:07.648Z

Link: CVE-2024-20355

Vulnrichment

Updated: 2024-08-01T21:59:42.284Z

NVD

Status : Awaiting Analysis

Published: 2024-05-22T17:16:13.477

Modified: 2024-05-22T18:59:20.240

Link: CVE-2024-20355

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20355", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.648Z", "datePublished": "2024-05-22T16:54:35.619Z", "dateUpdated": "2024-08-01T21:59:42.284Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-05-22T16:54:35.619Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials."}], "affected": [{"vendor": "Cisco", "product": "Cisco Adaptive Security Appliance (ASA) Software", "versions": [{"version": "9.8.2.28", "status": "affected"}, {"version": "9.8.2.33", "status": "affected"}, {"version": "9.8.2.35", "status": "affected"}, {"version": "9.8.2.38", "status": "affected"}, {"version": "9.8.3.8", "status": "affected"}, {"version": "9.8.3.11", "status": "affected"}, {"version": "9.8.3.14", "status": "affected"}, {"version": "9.8.3.16", "status": "affected"}, {"version": "9.8.3.18", "status": "affected"}, {"version": "9.8.3.21", "status": "affected"}, {"version": "9.8.3", "status": "affected"}, {"version": "9.8.3.26", "status": "affected"}, {"version": "9.8.3.29", "status": "affected"}, {"version": "9.8.4", "status": "affected"}, {"version": "9.8.4.3", "status": "affected"}, {"version": "9.8.4.7", "status": "affected"}, {"version": "9.8.4.8", "status": "affected"}, {"version": "9.8.4.10", "status": "affected"}, {"version": "9.8.4.12", "status": "affected"}, {"version": "9.8.4.15", "status": "affected"}, {"version": "9.8.4.17", "status": "affected"}, {"version": "9.8.4.25", "status": "affected"}, {"version": "9.8.4.20", "status": "affected"}, {"version": "9.8.4.22", "status": "affected"}, {"version": "9.8.4.26", "status": "affected"}, {"version": "9.8.4.29", "status": "affected"}, {"version": "9.8.4.32", "status": "affected"}, {"version": "9.8.4.33", "status": "affected"}, {"version": "9.8.4.34", "status": "affected"}, {"version": "9.8.4.35", "status": "affected"}, {"version": "9.8.4.39", "status": "affected"}, {"version": "9.8.4.40", "status": "affected"}, {"version": "9.8.4.41", "status": "affected"}, {"version": "9.8.4.43", "status": "affected"}, {"version": "9.8.4.44", "status": "affected"}, {"version": "9.8.4.45", "status": "affected"}, {"version": "9.8.4.46", "status": "affected"}, {"version": "9.8.4.48", "status": "affected"}, {"version": "9.12.1", "status": "affected"}, {"version": "9.12.1.2", "status": "affected"}, {"version": "9.12.1.3", "status": "affected"}, {"version": "9.12.2", "status": "affected"}, {"version": "9.12.2.4", "status": "affected"}, {"version": "9.12.2.5", "status": "affected"}, {"version": "9.12.2.9", "status": "affected"}, {"version": "9.12.3", "status": "affected"}, {"version": "9.12.3.2", "status": "affected"}, {"version": "9.12.3.7", "status": "affected"}, {"version": "9.12.4", "status": "affected"}, {"version": "9.12.3.12", "status": "affected"}, {"version": "9.12.3.9", "status": "affected"}, {"version": "9.12.2.1", "status": "affected"}, {"version": "9.12.4.2", "status": "affected"}, {"version": "9.12.4.4", "status": "affected"}, {"version": "9.12.4.7", "status": "affected"}, {"version": "9.12.4.10", "status": "affected"}, {"version": "9.12.4.13", "status": "affected"}, {"version": "9.12.4.8", "status": "affected"}, {"version": "9.12.4.18", "status": "affected"}, {"version": "9.12.4.24", "status": "affected"}, {"version": "9.12.4.26", "status": "affected"}, {"version": "9.12.4.29", "status": "affected"}, {"version": "9.12.4.30", "status": "affected"}, {"version": "9.12.4.35", "status": "affected"}, {"version": "9.12.4.37", "status": "affected"}, {"version": "9.12.4.38", "status": "affected"}, {"version": "9.12.4.39", "status": "affected"}, {"version": "9.12.4.40", "status": "affected"}, {"version": "9.12.4.41", "status": "affected"}, {"version": "9.12.4.47", "status": "affected"}, {"version": "9.12.4.48", "status": "affected"}, {"version": "9.12.4.50", "status": "affected"}, {"version": "9.12.4.52", "status": "affected"}, {"version": "9.12.4.54", "status": "affected"}, {"version": "9.12.4.55", "status": "affected"}, {"version": "9.12.4.56", "status": "affected"}, {"version": "9.12.4.58", "status": "affected"}, {"version": "9.14.1", "status": "affected"}, {"version": "9.14.1.10", "status": "affected"}, {"version": "9.14.1.6", "status": "affected"}, {"version": "9.14.1.15", "status": "affected"}, {"version": "9.14.1.19", "status": "affected"}, {"version": "9.14.1.30", "status": "affected"}, {"version": "9.14.2", "status": "affected"}, {"version": "9.14.2.4", "status": "affected"}, {"version": "9.14.2.8", "status": "affected"}, {"version": "9.14.2.13", "status": "affected"}, {"version": "9.14.2.15", "status": "affected"}, {"version": "9.14.3", "status": "affected"}, {"version": "9.14.3.1", "status": "affected"}, {"version": "9.14.3.9", "status": "affected"}, {"version": "9.14.3.11", "status": "affected"}, {"version": "9.14.3.13", "status": "affected"}, {"version": "9.14.3.18", "status": "affected"}, {"version": "9.14.3.15", "status": "affected"}, {"version": "9.14.4", "status": "affected"}, {"version": "9.14.4.6", "status": "affected"}, {"version": "9.14.4.7", "status": "affected"}, {"version": "9.14.4.12", "status": "affected"}, {"version": "9.14.4.13", "status": "affected"}, {"version": "9.14.4.14", "status": "affected"}, {"version": "9.14.4.15", "status": "affected"}, {"version": "9.14.4.17", "status": "affected"}, {"version": "9.14.4.22", "status": "affected"}, {"version": "9.14.4.23", "status": "affected"}, {"version": "9.14.4.24", "status": "affected"}, {"version": "9.15.1", "status": "affected"}, {"version": "9.15.1.7", "status": "affected"}, {"version": "9.15.1.10", "status": "affected"}, {"version": "9.15.1.15", "status": "affected"}, {"version": "9.15.1.16", "status": "affected"}, {"version": "9.15.1.17", "status": "affected"}, {"version": "9.15.1.1", "status": "affected"}, {"version": "9.15.1.21", "status": "affected"}, {"version": "9.16.1", "status": "affected"}, {"version": "9.16.1.28", "status": "affected"}, {"version": "9.16.2", "status": "affected"}, {"version": "9.16.2.3", "status": "affected"}, {"version": "9.16.2.7", "status": "affected"}, {"version": "9.16.2.11", "status": "affected"}, {"version": "9.16.2.13", "status": "affected"}, {"version": "9.16.2.14", "status": "affected"}, {"version": "9.16.3", "status": "affected"}, {"version": "9.16.3.3", "status": "affected"}, {"version": "9.16.3.14", "status": "affected"}, {"version": "9.16.3.15", "status": "affected"}, {"version": "9.16.3.19", "status": "affected"}, {"version": "9.16.3.23", "status": "affected"}, {"version": "9.16.4", "status": "affected"}, {"version": "9.16.4.9", "status": "affected"}, {"version": "9.16.4.14", "status": "affected"}, {"version": "9.16.4.18", "status": "affected"}, {"version": "9.16.4.19", "status": "affected"}, {"version": "9.17.1", "status": "affected"}, {"version": "9.17.1.7", "status": "affected"}, {"version": "9.17.1.9", "status": "affected"}, {"version": "9.17.1.10", "status": "affected"}, {"version": "9.17.1.11", "status": "affected"}, {"version": "9.17.1.13", "status": "affected"}, {"version": "9.17.1.15", "status": "affected"}, {"version": "9.17.1.20", "status": "affected"}, {"version": "9.17.1.30", "status": "affected"}, {"version": "9.18.1", "status": "affected"}, {"version": "9.18.1.3", "status": "affected"}, {"version": "9.18.2", "status": "affected"}, {"version": "9.18.2.5", "status": "affected"}, {"version": "9.18.2.7", "status": "affected"}, {"version": "9.18.2.8", "status": "affected"}, {"version": "9.18.3", "status": "affected"}, {"version": "9.18.3.39", "status": "affected"}, {"version": "9.19.1", "status": "affected"}, {"version": "9.19.1.5", "status": "affected"}, {"version": "9.19.1.9", "status": "affected"}]}, {"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"version": "6.2.3", "status": "affected"}, {"version": "6.2.3.1", "status": "affected"}, {"version": "6.2.3.2", "status": "affected"}, {"version": "6.2.3.3", "status": "affected"}, {"version": "6.2.3.4", "status": "affected"}, {"version": "6.2.3.5", "status": "affected"}, {"version": "6.2.3.6", "status": "affected"}, {"version": "6.2.3.7", "status": "affected"}, {"version": "6.2.3.8", "status": "affected"}, {"version": "6.2.3.10", "status": "affected"}, {"version": "6.2.3.11", "status": "affected"}, {"version": "6.2.3.9", "status": "affected"}, {"version": "6.2.3.12", "status": "affected"}, {"version": "6.2.3.13", "status": "affected"}, {"version": "6.2.3.14", "status": "affected"}, {"version": "6.2.3.15", "status": "affected"}, {"version": "6.2.3.16", "status": "affected"}, {"version": "6.2.3.17", "status": "affected"}, {"version": "6.2.3.18", "status": "affected"}, {"version": "6.6.0", "status": "affected"}, {"version": "6.6.0.1", "status": "affected"}, {"version": "6.6.1", "status": "affected"}, {"version": "6.6.3", "status": "affected"}, {"version": "6.6.4", "status": "affected"}, {"version": "6.6.5", "status": "affected"}, {"version": "6.6.5.1", "status": "affected"}, {"version": "6.6.5.2", "status": "affected"}, {"version": "6.6.7", "status": "affected"}, {"version": "6.6.7.1", "status": "affected"}, {"version": "6.6.7.2", "status": "affected"}, {"version": "6.4.0", "status": "affected"}, {"version": "6.4.0.1", "status": "affected"}, {"version": "6.4.0.3", "status": "affected"}, {"version": "6.4.0.2", "status": "affected"}, {"version": "6.4.0.4", "status": "affected"}, {"version": "6.4.0.5", "status": "affected"}, {"version": "6.4.0.6", "status": "affected"}, {"version": "6.4.0.7", "status": "affected"}, {"version": "6.4.0.8", "status": "affected"}, {"version": "6.4.0.9", "status": "affected"}, {"version": "6.4.0.10", "status": "affected"}, {"version": "6.4.0.11", "status": "affected"}, {"version": "6.4.0.12", "status": "affected"}, {"version": "6.4.0.13", "status": "affected"}, {"version": "6.4.0.14", "status": "affected"}, {"version": "6.4.0.15", "status": "affected"}, {"version": "6.4.0.16", "status": "affected"}, {"version": "6.7.0", "status": "affected"}, {"version": "6.7.0.1", "status": "affected"}, {"version": "6.7.0.2", "status": "affected"}, {"version": "6.7.0.3", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "7.0.4", "status": "affected"}, {"version": "7.0.5", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}, {"version": "7.1.0.3", "status": "affected"}, {"version": "7.2.0", "status": "affected"}, {"version": "7.2.0.1", "status": "affected"}, {"version": "7.2.1", "status": "affected"}, {"version": "7.2.2", "status": "affected"}, {"version": "7.2.3", "status": "affected"}, {"version": "7.2.4", "status": "affected"}, {"version": "7.3.0", "status": "affected"}, {"version": "7.3.1", "status": "affected"}, {"version": "7.3.1.1", "status": "affected"}, {"version": "7.3.1.2", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Missing Authorization", "type": "cwe", "cweId": "CWE-862"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW", "name": "cisco-sa-asaftd-saml-bypass-KkNvXyKW"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "baseScore": 5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-asaftd-saml-bypass-KkNvXyKW", "discovery": "EXTERNAL", "defects": ["CSCwe95729"]}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20355", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-23T16:14:22.406328Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "firepower_management_center", "versions": [{"status": "affected", "version": "6.2.3"}, {"status": "affected", "version": "6.2.3.1"}, {"status": "affected", "version": "6.2.3.2"}, {"status": "affected", "version": "6.2.3.3"}, {"status": "affected", "version": "6.2.3.4"}, {"status": "affected", "version": "6.2.3.5"}, {"status": "affected", "version": "6.2.3.6"}, {"status": "affected", "version": "6.2.3.7"}, {"status": "affected", "version": "6.2.3.8"}, {"status": "affected", "version": "6.2.3.10"}, {"status": "affected", "version": "6.2.3.11"}, {"status": "affected", "version": "6.2.3.9"}, {"status": "affected", "version": "6.2.3.12"}, {"status": "affected", "version": "6.2.3.13"}, {"status": "affected", "version": "6.2.3.14"}, {"status": "affected", "version": "6.2.3.15"}, {"status": "affected", "version": "6.2.3.16"}, {"status": "affected", "version": "6.2.3.17"}, {"status": "affected", "version": "6.2.3.18"}, {"status": "affected", "version": "6.6.0"}, {"status": "affected", "version": "6.6.0.1"}, {"status": "affected", "version": "6.6.1"}, {"status": "affected", "version": "6.6.3"}, {"status": "affected", "version": "6.6.4"}, {"status": "affected", "version": "6.6.5"}, {"status": "affected", "version": "6.6.5.1"}, {"status": "affected", "version": "6.6.5.2"}, {"status": "affected", "version": "6.6.7"}, {"status": "affected", "version": "6.6.7.1"}, {"status": "affected", "version": "6.6.7.2"}, {"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.4.0.1"}, {"status": "affected", "version": "6.4.0.3"}, {"status": "affected", "version": "6.4.0.2"}, {"status": "affected", "version": "6.4.0.4"}, {"status": "affected", "version": "6.4.0.5"}, {"status": "affected", "version": "6.4.0.6"}, {"status": "affected", "version": "6.4.0.7"}, {"status": "affected", "version": "6.4.0.8"}, {"status": "affected", "version": "6.4.0.9"}, {"status": "affected", "version": "6.4.0.10"}, {"status": "affected", "version": "6.4.0.11"}, {"status": "affected", "version": "6.4.0.12"}, {"status": "affected", "version": "6.4.0.13"}, {"status": "affected", "version": "6.4.0.14"}, {"status": "affected", "version": "6.4.0.15"}, {"status": "affected", "version": "6.4.0.16"}, {"status": "affected", "version": "6.7.0"}, {"status": "affected", "version": "6.7.0.1"}, {"status": "affected", "version": "6.7.0.2"}, {"status": "affected", "version": "6.7.0.3"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:cisco:adaptive_security_appliance:-:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "adaptive_security_appliance", "versions": [{"status": "affected", "version": "9.8.2.28"}, {"status": "affected", "version": "9.8.2.33"}, {"status": "affected", "version": "9.8.2.35"}, {"status": "affected", "version": "9.8.2.38"}, {"status": "affected", "version": "9.8.3.8"}, {"status": "affected", "version": "9.8.3.11"}, {"status": "affected", "version": "9.8.3.14"}, {"status": "affected", "version": "9.8.3.16"}, {"status": "affected", "version": "9.8.3.18"}, {"status": "affected", "version": "9.8.3.21"}, {"status": "affected", "version": "9.8.3"}, {"status": "affected", "version": "9.8.3.26"}, {"status": "affected", "version": "9.8.3.29"}, {"status": "affected", "version": "9.8.4"}, {"status": "affected", "version": "9.8.4.3"}, {"status": "affected", "version": "9.8.4.7"}, {"status": "affected", "version": "9.8.4.8"}, {"status": "affected", "version": "9.8.4.10"}, {"status": "affected", "version": "9.8.4.12"}, {"status": "affected", "version": "9.8.4.15"}, {"status": "affected", "version": "9.8.4.17"}, {"status": "affected", "version": "9.8.4.25"}, {"status": "affected", "version": "9.8.4.20"}, {"status": "affected", "version": "9.8.4.22"}, {"status": "affected", "version": "9.8.4.26"}, {"status": "affected", "version": "9.8.4.29"}, {"status": "affected", "version": "9.8.4.32"}, {"status": "affected", "version": "9.8.4.33"}, {"status": "affected", "version": "9.8.4.34"}, {"status": "affected", "version": "9.8.4.35"}, {"status": "affected", "version": "9.8.4.39"}, {"status": "affected", "version": "9.8.4.40"}, {"status": "affected", "version": "9.8.4.41"}, {"status": "affected", "version": "9.8.4.43"}, {"status": "affected", "version": "9.8.4.44"}, {"status": "affected", "version": "9.8.4.45"}, {"status": "affected", "version": "9.8.4.46"}, {"status": "affected", "version": "9.8.4.48"}, {"status": "affected", "version": "9.12.1"}, {"status": "affected", "version": "9.12.1.2"}, {"status": "affected", "version": "9.12.1.3"}, {"status": "affected", "version": "9.12.2"}, {"status": "affected", "version": "9.12.2.4"}, {"status": "affected", "version": "9.12.2.5"}, {"status": "affected", "version": "9.12.2.9"}, {"status": "affected", "version": "9.12.3"}, {"status": "affected", "version": "9.12.3.2"}, {"status": "affected", "version": "9.12.3.7"}, {"status": "affected", "version": "9.12.4"}, {"status": "affected", "version": "9.12.3.12"}, {"status": "affected", "version": "9.12.3.9"}, {"status": "affected", "version": "9.12.2.1"}, {"status": "affected", "version": "9.12.4.2"}, {"status": "affected", "version": "9.12.4.4"}, {"status": "affected", "version": "9.12.4.7"}, {"status": "affected", "version": "9.12.4.10"}, {"status": "affected", "version": "9.12.4.13"}, {"status": "affected", "version": "9.12.4.8"}, {"status": "affected", "version": "9.12.4.18"}, {"status": "affected", "version": "9.12.4.24"}, {"status": "affected", "version": "9.12.4.26"}, {"status": "affected", "version": "9.12.4.29"}, {"status": "affected", "version": "9.12.4.30"}, {"status": "affected", "version": "9.12.4.35"}, {"status": "affected", "version": "9.12.4.37"}, {"status": "affected", "version": "9.12.4.38"}, {"status": "affected", "version": "9.12.4.39"}, {"status": "affected", "version": "9.12.4.40"}, {"status": "affected", "version": "9.12.4.41"}, {"status": "affected", "version": "9.12.4.47"}, {"status": "affected", "version": "9.12.4.48"}, {"status": "affected", "version": "9.12.4.50"}, {"status": "affected", "version": "9.12.4.52"}, {"status": "affected", "version": "9.12.4.54"}, {"status": "affected", "version": "9.12.4.55"}, {"status": "affected", "version": "9.12.4.56"}, {"status": "affected", "version": "9.12.4.58"}, {"status": "affected", "version": "9.14.1"}, {"status": "affected", "version": "9.14.1.10"}, {"status": "affected", "version": "9.14.1.6"}, {"status": "affected", "version": "9.14.1.15"}, {"status": "affected", "version": "9.14.1.19"}, {"status": "affected", "version": "9.14.1.30"}, {"status": "affected", "version": "9.14.2"}, {"status": "affected", "version": "9.14.2.4"}, {"status": "affected", "version": "9.14.2.8"}, {"status": "affected", "version": "9.14.2.13"}, {"status": "affected", "version": "9.14.2.15"}, {"status": "affected", "version": "9.14.3"}, {"status": "affected", "version": "9.14.3.1"}, {"status": "affected", "version": "9.14.3.9"}, {"status": "affected", "version": "9.14.3.11"}, {"status": "affected", "version": "9.14.3.13"}, {"status": "affected", "version": "9.14.3.18"}, {"status": "affected", "version": "9.14.3.15"}, {"status": "affected", "version": "9.14.4"}, {"status": "affected", "version": "9.14.4.6"}, {"status": "affected", "version": "9.14.4.7"}, {"status": "affected", "version": "9.14.4.12"}, {"status": "affected", "version": "9.14.4.13"}, {"status": "affected", "version": "9.14.4.14"}, {"status": "affected", "version": "9.14.4.15"}, {"status": "affected", "version": "9.14.4.17"}, {"status": "affected", "version": "9.14.4.22"}, {"status": "affected", "version": "9.14.4.23"}, {"status": "affected", "version": "9.14.4.24"}, {"status": "affected", "version": "9.15.1"}, {"status": "affected", "version": "9.15.1.7"}, {"status": "affected", "version": "9.15.1.10"}, {"status": "affected", "version": "9.15.1.15"}, {"status": "affected", "version": "9.15.1.16"}, {"status": "affected", "version": "9.15.1.17"}, {"status": "affected", "version": "9.15.1.1"}, {"status": "affected", "version": "9.15.1.21"}, {"status": "affected", "version": "9.16.1"}, {"status": "affected", "version": "9.16.1.28"}, {"status": "affected", "version": "9.16.2"}, {"status": "affected", "version": "9.16.2.3"}, {"status": "affected", "version": "9.16.2.7"}, {"status": "affected", "version": "9.16.2.11"}, {"status": "affected", "version": "9.16.2.13"}, {"status": "affected", "version": "9.16.2.14"}, {"status": "affected", "version": "9.16.3"}, {"status": "affected", "version": "9.16.3.3"}, {"status": "affected", "version": "9.16.3.14"}, {"status": "affected", "version": "9.16.3.15"}, {"status": "affected", "version": "9.16.3.19"}, {"status": "affected", "version": "9.16.3.23"}, {"status": "affected", "version": "9.16.4"}, {"status": "affected", "version": "9.16.4.9"}, {"status": "affected", "version": "9.16.4.14"}, {"status": "affected", "version": "9.16.4.18"}, {"status": "affected", "version": "9.16.4.19"}, {"status": "affected", "version": "9.17.1"}, {"status": "affected", "version": "9.17.1.7"}, {"status": "affected", "version": "9.17.1.9"}, {"status": "affected", "version": "9.17.1.10"}, {"status": "affected", "version": "9.17.1.11"}, {"status": "affected", "version": "9.17.1.13"}, {"status": "affected", "version": "9.17.1.15"}, {"status": "affected", "version": "9.17.1.20"}, {"status": "affected", "version": "9.17.1.30"}, {"status": "affected", "version": "9.18.1"}, {"status": "affected", "version": "9.18.1.3"}, {"status": "affected", "version": "9.18.2"}, {"status": "affected", "version": "9.18.2.5"}, {"status": "affected", "version": "9.18.2.7"}, {"status": "affected", "version": "9.18.2.8"}, {"status": "affected", "version": "9.18.3"}, {"status": "affected", "version": "9.18.3.39"}, {"status": "affected", "version": "9.19.1"}, {"status": "affected", "version": "9.19.1.5"}, {"status": "affected", "version": "9.19.1.9"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:39:58.380Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:42.284Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW", "name": "cisco-sa-asaftd-saml-bypass-KkNvXyKW", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW", "name": "cisco-sa-asaftd-saml-bypass-KkNvXyKW", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:42.284Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20355", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-23T16:14:22.406328Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "firepower_management_center", "versions": [{"status": "affected", "version": "6.2.3"}, {"status": "affected", "version": "6.2.3.1"}, {"status": "affected", "version": "6.2.3.2"}, {"status": "affected", "version": "6.2.3.3"}, {"status": "affected", "version": "6.2.3.4"}, {"status": "affected", "version": "6.2.3.5"}, {"status": "affected", "version": "6.2.3.6"}, {"status": "affected", "version": "6.2.3.7"}, {"status": "affected", "version": "6.2.3.8"}, {"status": "affected", "version": "6.2.3.10"}, {"status": "affected", "version": "6.2.3.11"}, {"status": "affected", "version": "6.2.3.9"}, {"status": "affected", "version": "6.2.3.12"}, {"status": "affected", "version": "6.2.3.13"}, {"status": "affected", "version": "6.2.3.14"}, {"status": "affected", "version": "6.2.3.15"}, {"status": "affected", "version": "6.2.3.16"}, {"status": "affected", "version": "6.2.3.17"}, {"status": "affected", "version": "6.2.3.18"}, {"status": "affected", "version": "6.6.0"}, {"status": "affected", "version": "6.6.0.1"}, {"status": "affected", "version": "6.6.1"}, {"status": "affected", "version": "6.6.3"}, {"status": "affected", "version": "6.6.4"}, {"status": "affected", "version": "6.6.5"}, {"status": "affected", "version": "6.6.5.1"}, {"status": "affected", "version": "6.6.5.2"}, {"status": "affected", "version": "6.6.7"}, {"status": "affected", "version": "6.6.7.1"}, {"status": "affected", "version": "6.6.7.2"}, {"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.4.0.1"}, {"status": "affected", "version": "6.4.0.3"}, {"status": "affected", "version": "6.4.0.2"}, {"status": "affected", "version": "6.4.0.4"}, {"status": "affected", "version": "6.4.0.5"}, {"status": "affected", "version": "6.4.0.6"}, {"status": "affected", "version": "6.4.0.7"}, {"status": "affected", "version": "6.4.0.8"}, {"status": "affected", "version": "6.4.0.9"}, {"status": "affected", "version": "6.4.0.10"}, {"status": "affected", "version": "6.4.0.11"}, {"status": "affected", "version": "6.4.0.12"}, {"status": "affected", "version": "6.4.0.13"}, {"status": "affected", "version": "6.4.0.14"}, {"status": "affected", "version": "6.4.0.15"}, {"status": "affected", "version": "6.4.0.16"}, {"status": "affected", "version": "6.7.0"}, {"status": "affected", "version": "6.7.0.1"}, {"status": "affected", "version": "6.7.0.2"}, {"status": "affected", "version": "6.7.0.3"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:cisco:adaptive_security_appliance:-:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "adaptive_security_appliance", "versions": [{"status": "affected", "version": "9.8.2.28"}, {"status": "affected", "version": "9.8.2.33"}, {"status": "affected", "version": "9.8.2.35"}, {"status": "affected", "version": "9.8.2.38"}, {"status": "affected", "version": "9.8.3.8"}, {"status": "affected", "version": "9.8.3.11"}, {"status": "affected", "version": "9.8.3.14"}, {"status": "affected", "version": "9.8.3.16"}, {"status": "affected", "version": "9.8.3.18"}, {"status": "affected", "version": "9.8.3.21"}, {"status": "affected", "version": "9.8.3"}, {"status": "affected", "version": "9.8.3.26"}, {"status": "affected", "version": "9.8.3.29"}, {"status": "affected", "version": "9.8.4"}, {"status": "affected", "version": "9.8.4.3"}, {"status": "affected", "version": "9.8.4.7"}, {"status": "affected", "version": "9.8.4.8"}, {"status": "affected", "version": "9.8.4.10"}, {"status": "affected", "version": "9.8.4.12"}, {"status": "affected", "version": "9.8.4.15"}, {"status": "affected", "version": "9.8.4.17"}, {"status": "affected", "version": "9.8.4.25"}, {"status": "affected", "version": "9.8.4.20"}, {"status": "affected", "version": "9.8.4.22"}, {"status": "affected", "version": "9.8.4.26"}, {"status": "affected", "version": "9.8.4.29"}, {"status": "affected", "version": "9.8.4.32"}, {"status": "affected", "version": "9.8.4.33"}, {"status": "affected", "version": "9.8.4.34"}, {"status": "affected", "version": "9.8.4.35"}, {"status": "affected", "version": "9.8.4.39"}, {"status": "affected", "version": "9.8.4.40"}, {"status": "affected", "version": "9.8.4.41"}, {"status": "affected", "version": "9.8.4.43"}, {"status": "affected", "version": "9.8.4.44"}, {"status": "affected", "version": "9.8.4.45"}, {"status": "affected", "version": "9.8.4.46"}, {"status": "affected", "version": "9.8.4.48"}, {"status": "affected", "version": "9.12.1"}, {"status": "affected", "version": "9.12.1.2"}, {"status": "affected", "version": "9.12.1.3"}, {"status": "affected", "version": "9.12.2"}, {"status": "affected", "version": "9.12.2.4"}, {"status": "affected", "version": "9.12.2.5"}, {"status": "affected", "version": "9.12.2.9"}, {"status": "affected", "version": "9.12.3"}, {"status": "affected", "version": "9.12.3.2"}, {"status": "affected", "version": "9.12.3.7"}, {"status": "affected", "version": "9.12.4"}, {"status": "affected", "version": "9.12.3.12"}, {"status": "affected", "version": "9.12.3.9"}, {"status": "affected", "version": "9.12.2.1"}, {"status": "affected", "version": "9.12.4.2"}, {"status": "affected", "version": "9.12.4.4"}, {"status": "affected", "version": "9.12.4.7"}, {"status": "affected", "version": "9.12.4.10"}, {"status": "affected", "version": "9.12.4.13"}, {"status": "affected", "version": "9.12.4.8"}, {"status": "affected", "version": "9.12.4.18"}, {"status": "affected", "version": "9.12.4.24"}, {"status": "affected", "version": "9.12.4.26"}, {"status": "affected", "version": "9.12.4.29"}, {"status": "affected", "version": "9.12.4.30"}, {"status": "affected", "version": "9.12.4.35"}, {"status": "affected", "version": "9.12.4.37"}, {"status": "affected", "version": "9.12.4.38"}, {"status": "affected", "version": "9.12.4.39"}, {"status": "affected", "version": "9.12.4.40"}, {"status": "affected", "version": "9.12.4.41"}, {"status": "affected", "version": "9.12.4.47"}, {"status": "affected", "version": "9.12.4.48"}, {"status": "affected", "version": "9.12.4.50"}, {"status": "affected", "version": "9.12.4.52"}, {"status": "affected", "version": "9.12.4.54"}, {"status": "affected", "version": "9.12.4.55"}, {"status": "affected", "version": "9.12.4.56"}, {"status": "affected", "version": "9.12.4.58"}, {"status": "affected", "version": "9.14.1"}, {"status": "affected", "version": "9.14.1.10"}, {"status": "affected", "version": "9.14.1.6"}, {"status": "affected", "version": "9.14.1.15"}, {"status": "affected", "version": "9.14.1.19"}, {"status": "affected", "version": "9.14.1.30"}, {"status": "affected", "version": "9.14.2"}, {"status": "affected", "version": "9.14.2.4"}, {"status": "affected", "version": "9.14.2.8"}, {"status": "affected", "version": "9.14.2.13"}, {"status": "affected", "version": "9.14.2.15"}, {"status": "affected", "version": "9.14.3"}, {"status": "affected", "version": "9.14.3.1"}, {"status": "affected", "version": "9.14.3.9"}, {"status": "affected", "version": "9.14.3.11"}, {"status": "affected", "version": "9.14.3.13"}, {"status": "affected", "version": "9.14.3.18"}, {"status": "affected", "version": "9.14.3.15"}, {"status": "affected", "version": "9.14.4"}, {"status": "affected", "version": "9.14.4.6"}, {"status": "affected", "version": "9.14.4.7"}, {"status": "affected", "version": "9.14.4.12"}, {"status": "affected", "version": "9.14.4.13"}, {"status": "affected", "version": "9.14.4.14"}, {"status": "affected", "version": "9.14.4.15"}, {"status": "affected", "version": "9.14.4.17"}, {"status": "affected", "version": "9.14.4.22"}, {"status": "affected", "version": "9.14.4.23"}, {"status": "affected", "version": "9.14.4.24"}, {"status": "affected", "version": "9.15.1"}, {"status": "affected", "version": "9.15.1.7"}, {"status": "affected", "version": "9.15.1.10"}, {"status": "affected", "version": "9.15.1.15"}, {"status": "affected", "version": "9.15.1.16"}, {"status": "affected", "version": "9.15.1.17"}, {"status": "affected", "version": "9.15.1.1"}, {"status": "affected", "version": "9.15.1.21"}, {"status": "affected", "version": "9.16.1"}, {"status": "affected", "version": "9.16.1.28"}, {"status": "affected", "version": "9.16.2"}, {"status": "affected", "version": "9.16.2.3"}, {"status": "affected", "version": "9.16.2.7"}, {"status": "affected", "version": "9.16.2.11"}, {"status": "affected", "version": "9.16.2.13"}, {"status": "affected", "version": "9.16.2.14"}, {"status": "affected", "version": "9.16.3"}, {"status": "affected", "version": "9.16.3.3"}, {"status": "affected", "version": "9.16.3.14"}, {"status": "affected", "version": "9.16.3.15"}, {"status": "affected", "version": "9.16.3.19"}, {"status": "affected", "version": "9.16.3.23"}, {"status": "affected", "version": "9.16.4"}, {"status": "affected", "version": "9.16.4.9"}, {"status": "affected", "version": "9.16.4.14"}, {"status": "affected", "version": "9.16.4.18"}, {"status": "affected", "version": "9.16.4.19"}, {"status": "affected", "version": "9.17.1"}, {"status": "affected", "version": "9.17.1.7"}, {"status": "affected", "version": "9.17.1.9"}, {"status": "affected", "version": "9.17.1.10"}, {"status": "affected", "version": "9.17.1.11"}, {"status": "affected", "version": "9.17.1.13"}, {"status": "affected", "version": "9.17.1.15"}, {"status": "affected", "version": "9.17.1.20"}, {"status": "affected", "version": "9.17.1.30"}, {"status": "affected", "version": "9.18.1"}, {"status": "affected", "version": "9.18.1.3"}, {"status": "affected", "version": "9.18.2"}, {"status": "affected", "version": "9.18.2.5"}, {"status": "affected", "version": "9.18.2.7"}, {"status": "affected", "version": "9.18.2.8"}, {"status": "affected", "version": "9.18.3"}, {"status": "affected", "version": "9.18.3.39"}, {"status": "affected", "version": "9.19.1"}, {"status": "affected", "version": "9.19.1.5"}, {"status": "affected", "version": "9.19.1.9"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T16:13:53.836Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"source": {"defects": ["CSCwe95729"], "advisory": "cisco-sa-asaftd-saml-bypass-KkNvXyKW", "discovery": "EXTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Adaptive Security Appliance (ASA) Software", "versions": [{"status": "affected", "version": "9.8.2.28"}, {"status": "affected", "version": "9.8.2.33"}, {"status": "affected", "version": "9.8.2.35"}, {"status": "affected", "version": "9.8.2.38"}, {"status": "affected", "version": "9.8.3.8"}, {"status": "affected", "version": "9.8.3.11"}, {"status": "affected", "version": "9.8.3.14"}, {"status": "affected", "version": "9.8.3.16"}, {"status": "affected", "version": "9.8.3.18"}, {"status": "affected", "version": "9.8.3.21"}, {"status": "affected", "version": "9.8.3"}, {"status": "affected", "version": "9.8.3.26"}, {"status": "affected", "version": "9.8.3.29"}, {"status": "affected", "version": "9.8.4"}, {"status": "affected", "version": "9.8.4.3"}, {"status": "affected", "version": "9.8.4.7"}, {"status": "affected", "version": "9.8.4.8"}, {"status": "affected", "version": "9.8.4.10"}, {"status": "affected", "version": "9.8.4.12"}, {"status": "affected", "version": "9.8.4.15"}, {"status": "affected", "version": "9.8.4.17"}, {"status": "affected", "version": "9.8.4.25"}, {"status": "affected", "version": "9.8.4.20"}, {"status": "affected", "version": "9.8.4.22"}, {"status": "affected", "version": "9.8.4.26"}, {"status": "affected", "version": "9.8.4.29"}, {"status": "affected", "version": "9.8.4.32"}, {"status": "affected", "version": "9.8.4.33"}, {"status": "affected", "version": "9.8.4.34"}, {"status": "affected", "version": "9.8.4.35"}, {"status": "affected", "version": "9.8.4.39"}, {"status": "affected", "version": "9.8.4.40"}, {"status": "affected", "version": "9.8.4.41"}, {"status": "affected", "version": "9.8.4.43"}, {"status": "affected", "version": "9.8.4.44"}, {"status": "affected", "version": "9.8.4.45"}, {"status": "affected", "version": "9.8.4.46"}, {"status": "affected", "version": "9.8.4.48"}, {"status": "affected", "version": "9.12.1"}, {"status": "affected", "version": "9.12.1.2"}, {"status": "affected", "version": "9.12.1.3"}, {"status": "affected", "version": "9.12.2"}, {"status": "affected", "version": "9.12.2.4"}, {"status": "affected", "version": "9.12.2.5"}, {"status": "affected", "version": "9.12.2.9"}, {"status": "affected", "version": "9.12.3"}, {"status": "affected", "version": "9.12.3.2"}, {"status": "affected", "version": "9.12.3.7"}, {"status": "affected", "version": "9.12.4"}, {"status": "affected", "version": "9.12.3.12"}, {"status": "affected", "version": "9.12.3.9"}, {"status": "affected", "version": "9.12.2.1"}, {"status": "affected", "version": "9.12.4.2"}, {"status": "affected", "version": "9.12.4.4"}, {"status": "affected", "version": "9.12.4.7"}, {"status": "affected", "version": "9.12.4.10"}, {"status": "affected", "version": "9.12.4.13"}, {"status": "affected", "version": "9.12.4.8"}, {"status": "affected", "version": "9.12.4.18"}, {"status": "affected", "version": "9.12.4.24"}, {"status": "affected", "version": "9.12.4.26"}, {"status": "affected", "version": "9.12.4.29"}, {"status": "affected", "version": "9.12.4.30"}, {"status": "affected", "version": "9.12.4.35"}, {"status": "affected", "version": "9.12.4.37"}, {"status": "affected", "version": "9.12.4.38"}, {"status": "affected", "version": "9.12.4.39"}, {"status": "affected", "version": "9.12.4.40"}, {"status": "affected", "version": "9.12.4.41"}, {"status": "affected", "version": "9.12.4.47"}, {"status": "affected", "version": "9.12.4.48"}, {"status": "affected", "version": "9.12.4.50"}, {"status": "affected", "version": "9.12.4.52"}, {"status": "affected", "version": "9.12.4.54"}, {"status": "affected", "version": "9.12.4.55"}, {"status": "affected", "version": "9.12.4.56"}, {"status": "affected", "version": "9.12.4.58"}, {"status": "affected", "version": "9.14.1"}, {"status": "affected", "version": "9.14.1.10"}, {"status": "affected", "version": "9.14.1.6"}, {"status": "affected", "version": "9.14.1.15"}, {"status": "affected", "version": "9.14.1.19"}, {"status": "affected", "version": "9.14.1.30"}, {"status": "affected", "version": "9.14.2"}, {"status": "affected", "version": "9.14.2.4"}, {"status": "affected", "version": "9.14.2.8"}, {"status": "affected", "version": "9.14.2.13"}, {"status": "affected", "version": "9.14.2.15"}, {"status": "affected", "version": "9.14.3"}, {"status": "affected", "version": "9.14.3.1"}, {"status": "affected", "version": "9.14.3.9"}, {"status": "affected", "version": "9.14.3.11"}, {"status": "affected", "version": "9.14.3.13"}, {"status": "affected", "version": "9.14.3.18"}, {"status": "affected", "version": "9.14.3.15"}, {"status": "affected", "version": "9.14.4"}, {"status": "affected", "version": "9.14.4.6"}, {"status": "affected", "version": "9.14.4.7"}, {"status": "affected", "version": "9.14.4.12"}, {"status": "affected", "version": "9.14.4.13"}, {"status": "affected", "version": "9.14.4.14"}, {"status": "affected", "version": "9.14.4.15"}, {"status": "affected", "version": "9.14.4.17"}, {"status": "affected", "version": "9.14.4.22"}, {"status": "affected", "version": "9.14.4.23"}, {"status": "affected", "version": "9.14.4.24"}, {"status": "affected", "version": "9.15.1"}, {"status": "affected", "version": "9.15.1.7"}, {"status": "affected", "version": "9.15.1.10"}, {"status": "affected", "version": "9.15.1.15"}, {"status": "affected", "version": "9.15.1.16"}, {"status": "affected", "version": "9.15.1.17"}, {"status": "affected", "version": "9.15.1.1"}, {"status": "affected", "version": "9.15.1.21"}, {"status": "affected", "version": "9.16.1"}, {"status": "affected", "version": "9.16.1.28"}, {"status": "affected", "version": "9.16.2"}, {"status": "affected", "version": "9.16.2.3"}, {"status": "affected", "version": "9.16.2.7"}, {"status": "affected", "version": "9.16.2.11"}, {"status": "affected", "version": "9.16.2.13"}, {"status": "affected", "version": "9.16.2.14"}, {"status": "affected", "version": "9.16.3"}, {"status": "affected", "version": "9.16.3.3"}, {"status": "affected", "version": "9.16.3.14"}, {"status": "affected", "version": "9.16.3.15"}, {"status": "affected", "version": "9.16.3.19"}, {"status": "affected", "version": "9.16.3.23"}, {"status": "affected", "version": "9.16.4"}, {"status": "affected", "version": "9.16.4.9"}, {"status": "affected", "version": "9.16.4.14"}, {"status": "affected", "version": "9.16.4.18"}, {"status": "affected", "version": "9.16.4.19"}, {"status": "affected", "version": "9.17.1"}, {"status": "affected", "version": "9.17.1.7"}, {"status": "affected", "version": "9.17.1.9"}, {"status": "affected", "version": "9.17.1.10"}, {"status": "affected", "version": "9.17.1.11"}, {"status": "affected", "version": "9.17.1.13"}, {"status": "affected", "version": "9.17.1.15"}, {"status": "affected", "version": "9.17.1.20"}, {"status": "affected", "version": "9.17.1.30"}, {"status": "affected", "version": "9.18.1"}, {"status": "affected", "version": "9.18.1.3"}, {"status": "affected", "version": "9.18.2"}, {"status": "affected", "version": "9.18.2.5"}, {"status": "affected", "version": "9.18.2.7"}, {"status": "affected", "version": "9.18.2.8"}, {"status": "affected", "version": "9.18.3"}, {"status": "affected", "version": "9.18.3.39"}, {"status": "affected", "version": "9.19.1"}, {"status": "affected", "version": "9.19.1.5"}, {"status": "affected", "version": "9.19.1.9"}]}, {"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"status": "affected", "version": "6.2.3"}, {"status": "affected", "version": "6.2.3.1"}, {"status": "affected", "version": "6.2.3.2"}, {"status": "affected", "version": "6.2.3.3"}, {"status": "affected", "version": "6.2.3.4"}, {"status": "affected", "version": "6.2.3.5"}, {"status": "affected", "version": "6.2.3.6"}, {"status": "affected", "version": "6.2.3.7"}, {"status": "affected", "version": "6.2.3.8"}, {"status": "affected", "version": "6.2.3.10"}, {"status": "affected", "version": "6.2.3.11"}, {"status": "affected", "version": "6.2.3.9"}, {"status": "affected", "version": "6.2.3.12"}, {"status": "affected", "version": "6.2.3.13"}, {"status": "affected", "version": "6.2.3.14"}, {"status": "affected", "version": "6.2.3.15"}, {"status": "affected", "version": "6.2.3.16"}, {"status": "affected", "version": "6.2.3.17"}, {"status": "affected", "version": "6.2.3.18"}, {"status": "affected", "version": "6.6.0"}, {"status": "affected", "version": "6.6.0.1"}, {"status": "affected", "version": "6.6.1"}, {"status": "affected", "version": "6.6.3"}, {"status": "affected", "version": "6.6.4"}, {"status": "affected", "version": "6.6.5"}, {"status": "affected", "version": "6.6.5.1"}, {"status": "affected", "version": "6.6.5.2"}, {"status": "affected", "version": "6.6.7"}, {"status": "affected", "version": "6.6.7.1"}, {"status": "affected", "version": "6.6.7.2"}, {"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.4.0.1"}, {"status": "affected", "version": "6.4.0.3"}, {"status": "affected", "version": "6.4.0.2"}, {"status": "affected", "version": "6.4.0.4"}, {"status": "affected", "version": "6.4.0.5"}, {"status": "affected", "version": "6.4.0.6"}, {"status": "affected", "version": "6.4.0.7"}, {"status": "affected", "version": "6.4.0.8"}, {"status": "affected", "version": "6.4.0.9"}, {"status": "affected", "version": "6.4.0.10"}, {"status": "affected", "version": "6.4.0.11"}, {"status": "affected", "version": "6.4.0.12"}, {"status": "affected", "version": "6.4.0.13"}, {"status": "affected", "version": "6.4.0.14"}, {"status": "affected", "version": "6.4.0.15"}, {"status": "affected", "version": "6.4.0.16"}, {"status": "affected", "version": "6.7.0"}, {"status": "affected", "version": "6.7.0.1"}, {"status": "affected", "version": "6.7.0.2"}, {"status": "affected", "version": "6.7.0.3"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW", "name": "cisco-sa-asaftd-saml-bypass-KkNvXyKW"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-862", "description": "Missing Authorization"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-05-22T16:54:35.619Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20355", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:59:42.284Z", "dateReserved": "2023-11-08T15:08:07.648Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-05-22T16:54:35.619Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n del inicio de sesi\u00f3n \u00fanico (SSO) de SAML 2.0 para servicios VPN de acceso remoto en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado establezca con \u00e9xito una VPN. sesi\u00f3n en un dispositivo afectado. Esta vulnerabilidad se debe a una separaci\u00f3n inadecuada de los dominios de autorizaci\u00f3n cuando se utiliza la autenticaci\u00f3n SAML. Un atacante podr\u00eda aprovechar esta vulnerabilidad utilizando credenciales v\u00e1lidas para autenticarse exitosamente usando su perfil de conexi\u00f3n designado (grupo de t\u00faneles), interceptando el token SAML SSO que se env\u00eda desde el dispositivo Cisco ASA y luego enviando el mismo token SAML SSO a un t\u00fanel diferente. grupo para la autenticaci\u00f3n. Un exploit exitoso podr\u00eda permitir al atacante establecer una sesi\u00f3n VPN de acceso remoto utilizando un perfil de conexi\u00f3n que no est\u00e1 autorizado a usar y conectarse a redes seguras detr\u00e1s del dispositivo afectado a las que no est\u00e1 autorizado a acceder. Para una explotaci\u00f3n exitosa, el atacante debe tener credenciales de usuario de VPN de acceso remoto v\u00e1lidas."}], "id": "CVE-2024-20355", "lastModified": "2024-05-22T18:59:20.240", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2024-05-22T17:16:13.477", "references": [{"source": "ykramarz@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object