CVE-2018-0227

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software (affected versions not specified)

Description: A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A successful exploit could allow the attacker to establish an SSL VPN connection to the ASA when the connection should have been rejected.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.