Vulnerability Description
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Adaptive Security Appliance Software | >= 9.18.1, <= 9.18.3.46 |
| Cisco | Firepower Threat Defense | 7.2.4 |
Related Weaknesses (CWE)
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ciVendor Advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ciVendor Advisory
FAQ
What is CVE-2023-20264?
CVE-2023-20264 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepowe...
How severe is CVE-2023-20264?
CVE-2023-20264 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-20264?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software, Cisco Firepower Threat Defense.