HTTP: Cisco ASA SSL WebVPN Security Bypass
This signature detects attempts to exploit a known vulnerability against Cisco ASA SSL WebVPN. Attackers can bypass security authentications which could lead to further attacks.
Extended Description
The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote attackers to modify RAMFS customization objects via unspecified vectors, as demonstrated by inserting XSS sequences or capturing credentials, aka Bug ID CSCup36829.
Affected Products
Cisco adaptive_security_appliance_software
Short Name
HTTP:CISCO:ASA-VPN-SEC-BYPASS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
ASA Bypass CVE-2014-3393 Cisco SSL Security WebVPN
Release Date
07/20/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Cisco
CVSS Score
4.3