Cisco Family May 2024 1st Security Update Advisory

Overview

 

Cisco(https://www.cisco.com) has released a security update that fixes vulnerabilities in products it has been made. Users of affected systems are advised to update to the latest version.

 

Affected Products

 

Cisco Adaptive Security Appliance (ASA) Software

Cisco Firepower Management Center

Cisco Firepower Threat Defense Software

Cisco UTD SNORT IPS Engine Software

 

Resolved Vulnerabilities

 

Vulnerability in Cisco Firepower Management Center to obtain data from a database due to the web-based administration interface not properly validating user input (CVE-2024-20360, CVSS 8.8) [1]

Vulnerability in Cisco Firepower Threat Defense Software,Cisco Adaptive Security Appliance (ASA) Software due to insufficient handling of certain logic to bypass ACL protection configured on affected devices (CVE-2024-20293, CVSS 5.8) [2]

Vulnerability in Cisco Firepower Threat Defense Software,Cisco UTD SNORT IPS Engine Software due to incorrect HTTP packet handling, which could bypass configured ips rules and allow uninspected traffic into the network (CVE-2024-20363, CVSS 5.8) [3]

Vulnerability in Cisco Firepower Threat Defense Software to send encrypted archive files due to lack of handling of certain logic (CVE-2024-20261, CVSS 5.8) [4]

Vulnerability in Cisco Adaptive Security Appliance (ASA) Software,Cisco Firepower Threat Defense Software due to improper separation of authentication domains when using SAML authentication, which allows remote access VPN sessions to be established using an unprivileged connection profile and connect to a secure network behind an unauthorized affected device (CVE-2024-20355, CVSS 5.0) [5]

 

Vulnerability Patches

 

Product-specific Vulnerability patches were made available in the 05/22/2024 update. Please refer to the ‘Affected Products’ and ‘Fixed Software’ in the product-specific information in the Referenced Sites below to apply the patches.

 

Referenced Sites

 

[1] Cisco Firepower Management Center Software SQL Injection Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs

[2] Cisco Adaptive Security Appliance and Firepower Threat Defense Software Inactive-to-Active ACL Bypass Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX

[3] Multiple Cisco Products Snort 3 HTTP Intrusion Prevention System Rule Bypass Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd

[4] Cisco Firepower Threat Defense Software Encrypted Archive File Policy Bypass Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN

[5] Cisco Adaptive Security Appliance and Firepower Threat Defense Software Authorization Bypass Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW