A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the malicious user to retrieve memory contents, which could lead to the disclosure of confidential information. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.
Vulnerable Product |
---|
cisco firepower threat defense |
cisco adaptive security appliance software |
Evidence mounts of an exploit gatekept within Russia's borders
Security researchers believe the Akira ransomware group could be exploiting a nearly four-year-old Cisco vulnerability and using it as an entry point into organizations' systems. In eight of security company TrueSec's most recent incident response engagements that involved Akira and Cisco's AnyConnect SSL VPN as the entry point, at least six of the devices were running versions vulnerable to CVE-2020-3259, which was patched in May 2020. The vulnerability lies in the web services interface of Cis...
PLUS: Akira ransomware resurgent; Telehealth outfit fined for data-sharing; This week's nastiest vulns
Infosec In Brief In a cautionary tale that no one is immune from attack, the security org MITRE has admitted that it got pwned. The non-profit reported that its R&D research center – the Networked Experimentation, Research, and Virtualization Environment (NERVE) – was penetrated using zero-day flaws in an Ivanti virtual private network. MITRE reports it was one of many targeted by what it's described as "a foreign nation-state threat actor." "No organization is immune from this type of c...