PT-2018-1772 · Cisco · Cisco Asa+2

Published 2018-04-18 · Updated 2023-08-15 · CVE-2018-0229

CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Cisco AnyConnect Secure Mobility Client, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)
Description: A vulnerability in the Security Assertion Markup Language (SAML) Single Sign-On (SSO) implementation could allow an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software. The attacker never authenticates: the authentication is performed by an unsuspecting third party on the attacker's behalf, which is why the weakness is classed as session fixation. An attacker could exploit this vulnerability by persuading a user to click a crafted link and then authenticate with the organization's Identity Provider (IdP). A successful exploit could allow the attacker to hijack the resulting valid authentication token and use it to establish an authenticated AnyConnect session.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
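The following is a simplified model of the flow described above, added here as an illustration; it is not Cisco code and does not reproduce Cisco's fix. The classes, the flow_id parameter, the binding cookie, the sample identities and the vpn.example.test hostname are all invented. It shows why a login flow that one party can start and another party can finish hands the resulting session to the party that started it, and shows one general mitigation for this class: binding the AuthnRequest to the browser that requested it.

```python
"""Toy model of the SAML SSO session-fixation pattern described above.

Added illustration, not Cisco code and not Cisco's fix. All names here
(VulnerableSP, HardenedSP, flow_id, the binding cookie, the hostnames
and identities) are invented; the "IdP" signs nothing. Only the flow
shape matters: who starts the login and who gets to finish it.
"""
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple


@dataclass
class Assertion:
    """Stand-in for a SAML Response: the authenticated subject and the ID
    of the AuthnRequest it answers (the InResponseTo attribute)."""
    subject: str
    in_response_to: str


class Idp:
    """Authenticates whoever shows up and answers the request ID it was
    handed. The IdP cannot tell the request was minted for someone else."""

    def login(self, user: str, authn_request_id: str) -> Assertion:
        return Assertion(subject=user, in_response_to=authn_request_id)


class VulnerableSP:
    """Service provider that keys the login flow on the AuthnRequest ID
    alone: anyone who knows the ID can finish the flow and collect the
    session."""

    def __init__(self) -> None:
        self.pending: Set[str] = set()
        self.sessions: Dict[str, str] = {}     # flow_id -> session token
        self.token_owner: Dict[str, str] = {}  # session token -> subject

    def start_login(self) -> str:
        """Mint an AuthnRequest and return the link carrying its ID."""
        flow_id = secrets.token_urlsafe(16)
        self.pending.add(flow_id)
        return f"https://vpn.example.test/saml/sso?flow_id={flow_id}"  # invented URL

    def complete_login(self, assertion: Assertion, browser_cookie: str = "") -> None:
        """Accept any assertion answering a pending request. The caller's
        cookie is ignored: this is the defect."""
        if assertion.in_response_to not in self.pending:
            raise PermissionError("unknown AuthnRequest")
        self.pending.remove(assertion.in_response_to)
        token = secrets.token_urlsafe(32)
        self.sessions[assertion.in_response_to] = token
        self.token_owner[token] = assertion.subject

    def redeem(self, flow_id: str, browser_cookie: str = "") -> str:
        """Hand the session token to whoever presents the flow ID."""
        return self.sessions.pop(flow_id)


class HardenedSP(VulnerableSP):
    """Mitigation: bind the AuthnRequest to the browser that asked for it
    with a secret only that browser receives (a cookie in practice)."""

    def __init__(self) -> None:
        super().__init__()
        self.binding: Dict[str, str] = {}      # flow_id -> binding cookie

    def start_login(self) -> Tuple[str, str]:
        link = super().start_login()
        flow_id = link.rsplit("flow_id=", 1)[1]
        cookie = secrets.token_urlsafe(16)
        self.binding[flow_id] = cookie         # delivered only to the requesting browser
        return link, cookie

    def _check(self, flow_id: str, browser_cookie: str) -> None:
        expected = self.binding.get(flow_id, "")
        if not expected or not secrets.compare_digest(expected, browser_cookie):
            self.pending.discard(flow_id)      # burn the request; no retry
            raise PermissionError("request was not started by this browser")

    def complete_login(self, assertion: Assertion, browser_cookie: str = "") -> None:
        self._check(assertion.in_response_to, browser_cookie)
        super().complete_login(assertion)

    def redeem(self, flow_id: str, browser_cookie: str = "") -> str:
        self._check(flow_id, browser_cookie)
        return super().redeem(flow_id)


VICTIM = "victim@example.test"   # constructed sample identity


def fixation_attack(sp: VulnerableSP) -> Optional[str]:
    """Attacker starts the flow, victim finishes it, attacker redeems.
    Returns the subject the attacker's token maps to, or None if refused."""
    started = sp.start_login()
    link, attacker_cookie = started if isinstance(started, tuple) else (started, "")
    flow_id = link.rsplit("flow_id=", 1)[1]
    # Victim follows the crafted link and logs in at the IdP. The victim's
    # browser never received the attacker's binding cookie, hence "".
    assertion = Idp().login(VICTIM, flow_id)
    try:
        sp.complete_login(assertion, browser_cookie="")
        token = sp.redeem(flow_id, attacker_cookie)
    except PermissionError:
        return None
    return sp.token_owner[token]


def legitimate_login(sp: HardenedSP, user: str) -> str:
    """Same browser starts and finishes the flow, so the binding holds."""
    link, cookie = sp.start_login()
    flow_id = link.rsplit("flow_id=", 1)[1]
    sp.complete_login(Idp().login(user, flow_id), browser_cookie=cookie)
    return sp.token_owner[sp.redeem(flow_id, cookie)]
```

Against VulnerableSP, fixation_attack returns the victim's identity: the attacker minted the request, the victim authenticated it, and the token lands with whoever holds the flow ID. Against HardenedSP the same sequence is refused, because the assertion answers a request the victim's browser never started, while a browser that starts and finishes its own flow still logs in. Real SAML service providers additionally verify the response signature, audience, validity window and InResponseTo against an outstanding request; the toy omits all of that to isolate the fixation point.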

Weakness Enumeration

Session Fixation

Related Identifiers

BDU:2018-01372
CVE-2018-0229

Affected Products

Cisco ASA
Cisco AnyConnect Secure Mobility Client
Cisco FTD