Damian Poole

**Name of the Vulnerable Software and Affected Versions** Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified) **Description** The issue is related to the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. It is caused by insufficient validation of the login URL, allowing an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This could enable the attacker to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.