PT-2018-15290 · SonicWall · Secure Access SA Series SSL VPN

Rafael Pedrero · Published 2018-12-21 · Updated 2019-10-03 · CVE-2018-20193

CVSS v3.1: 8.8 High
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Secure Access SA Series SSL VPN versions 4.2 through 5.1R5

Description

The issue allows privilege escalation: a read-only user can change the administrator user's password. Exploitation is possible because appropriate controls are not performed, allowing a read-only user to make a local copy of the /dana-admin/user/update.cgi page, change the user value, and save the changes.

Recommendations

For Secure Access SA Series SSL VPN versions 4.2 through 5.1R5, consider restricting access to the /dana-admin/user/update.cgi page to prevent unauthorized changes to the administrator user password. As a temporary workaround, restrict the ability of read-only users to modify the user value in the update.cgi page until a patch is available.
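
The missing control described above, shown as an added Python sketch (not SonicWall's code and not part of this advisory): the flawed handler trusts the submitted user field, while the hardened one decides authorization from the server-side session role and records the denial. The Session class, the role names, the form field names and the in-memory account store are all hypothetical.

```python
import hashlib
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:      # server-side session state, never taken from the form
    username: str
    role: str       # "admin" or "readonly" (hypothetical role names)


class Forbidden(Exception):
    pass


def _hash(password: str) -> bytes:
    salt = os.urandom(16)
    return salt + hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def update_vulnerable(session, form, users):
    # Flawed pattern: being logged in is the only check, and the account to
    # modify comes straight from the client-controlled form.
    users[form["user"]]["pw"] = _hash(form["password"])


def update_hardened(session, form, users, audit):
    target = form.get("user", "")
    # Authorization is decided from the server-side session role, not the form.
    if session.role != "admin":
        audit.append(("denied", session.username, target))
        raise Forbidden(f"{session.username} may not modify accounts")
    if target not in users:
        raise Forbidden("unknown account")
    users[target]["pw"] = _hash(form["password"])
    audit.append(("changed", session.username, target))


def demo():
    users = {"admin": {"role": "admin", "pw": b"old"},
             "viewer": {"role": "readonly", "pw": b"old"}}  # constructed data
    viewer = Session("viewer", "readonly")
    form = {"user": "admin", "password": "Constructed-Value-1"}  # altered form
    update_vulnerable(viewer, form, users)
    vulnerable_changed = users["admin"]["pw"] != b"old"
    users["admin"]["pw"] = b"old"   # reset before exercising the hardened path
    audit = []
    try:
        update_hardened(viewer, form, users, audit)
        blocked = False
    except Forbidden:
        blocked = True
    return vulnerable_changed, blocked, users["admin"]["pw"] == b"old", audit
```

The denied entries in the audit list are the events worth alerting on: a read-only session submitting an account update naming another user.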

Exploit

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers

CVE-2018-20193

Affected Products

Secure Access SA Series SSL VPN