PT-2019-2120 · Cisco · Cisco ASA, Cisco FTD

Published 2019-05-01 · Updated 2023-08-15 · CVE-2019-1714

CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Cisco Adaptive Security Appliance (ASA) Software: versions prior to the fixed release
Cisco Firepower Threat Defense (FTD) Software: versions prior to the fixed release
Description
The vulnerability is in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco ASA and FTD Software, and is caused by improper credential management when NT LAN Manager (NTLM) or basic authentication is used. An unauthenticated, remote attacker can exploit it by opening a VPN session to an affected device after another VPN user has successfully authenticated to that device through SAML SSO; the device accepts the attacker's session on the strength of the earlier user's authentication instead of requiring the attacker to authenticate. A successful exploit allows the attacker to establish a VPN session and reach the secured networks behind the affected device. That is why the vector carries S:C (changed scope): the failure of the VPN gateway exposes the networks it is supposed to protect, while no privileges (PR:N) and no user interaction (UI:N) are required of the attacker.
Recommendations
Cisco ASA Software: upgrade to a release that contains the fix for CVE-2019-1714 (the fixed releases for each train are listed in the Cisco advisory). Cisco FTD Software: upgrade to a release that contains the fix. Until the upgrade is deployed, reduce exposure rather than assume the feature is safe: identify every tunnel-group whose webvpn-attributes select SAML authentication, restrict who can reach the SAML SSO login path, and do not rely on NTLM or basic authentication in combination with SAML SSO for VPN access. Because the flaw lets a second, unauthenticated session piggyback on a legitimate SAML login, review VPN session logs from the exposure window for sessions that cannot be matched to a legitimate user's login, and keep doing so until the patched release is in place.
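As an added illustration (not Cisco's code and not part of this advisory), the following script audits an ASA running-config for the two things the description and recommendations point at: tunnel-groups whose webvpn-attributes select SAML authentication, and auto-signon rules that use NTLM or basic authentication. The config syntax follows ASA conventions as documented by Cisco (one space of indentation per nesting level, `authentication saml` and `saml identity-provider` under `tunnel-group ... webvpn-attributes`, `auto-signon ... auth-type ntlm|basic|all` under `webvpn`); whether a given auto-signon rule is the exact NTLM/basic path the advisory refers to is an assumption, so treat those hits as review items rather than proof of exposure. The sample config is constructed for the example.

```python
import re
from dataclasses import dataclass, field

# Constructed sample ASA running-config excerpt; not taken from a real device.
SAMPLE_CONFIG = """\
hostname asa-edge
!
webvpn
 enable outside
 anyconnect enable
 auto-signon allow uri https://intranet.example.test/* auth-type ntlm
group-policy GP-SAML attributes
 vpn-tunnel-protocol ssl-client ssl-clientless
 webvpn
  auto-signon allow ip 10.0.0.0 255.0.0.0 auth-type basic
tunnel-group TG-SAML type remote-access
tunnel-group TG-SAML general-attributes
 default-group-policy GP-SAML
tunnel-group TG-SAML webvpn-attributes
 authentication saml
 saml identity-provider https://idp.example.test/saml
tunnel-group TG-LOCAL type remote-access
tunnel-group TG-LOCAL webvpn-attributes
 authentication aaa
"""

# auth-type values that select NTLM or basic auto-signon (assumption: these
# are the NTLM/basic paths the advisory's mitigation refers to).
AUTH_TYPE_RE = re.compile(r"\bauth-type\s+(ntlm|basic|all)\b")


@dataclass
class Findings:
    saml_tunnel_groups: list = field(default_factory=list)   # tunnel-group names
    idp_urls: dict = field(default_factory=dict)             # tunnel-group -> IdP URL
    ntlm_basic_sso: list = field(default_factory=list)       # (scope, config line)

    @property
    def affected_feature_in_use(self) -> bool:
        # SAML SSO for WebVPN/AnyConnect is the feature the advisory covers.
        return bool(self.saml_tunnel_groups)


def _blocks(config: str):
    """Yield (enclosing_headers, stripped_line) for each config line, rebuilding
    the block structure from ASA's one-space-per-level indentation."""
    stack = []  # (indent, header line)
    for raw in config.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue
        indent = len(raw) - len(raw.lstrip(" "))
        while stack and stack[-1][0] >= indent:
            stack.pop()
        line = raw.strip()
        yield [h for _, h in stack], line
        stack.append((indent, line))


def audit(config: str) -> Findings:
    """Collect SAML-authenticated tunnel-groups and NTLM/basic auto-signon rules."""
    f = Findings()
    for ctx, line in _blocks(config):
        parent = ctx[-1] if ctx else ""
        if parent.startswith("tunnel-group ") and parent.endswith(" webvpn-attributes"):
            tg = parent.split()[1]
            if line == "authentication saml":
                f.saml_tunnel_groups.append(tg)
            elif line.startswith("saml identity-provider "):
                f.idp_urls[tg] = line.split(None, 2)[2]
        if line.startswith("auto-signon ") and AUTH_TYPE_RE.search(line):
            # Rules live either under the global "webvpn" block or under a
            # group-policy's nested "webvpn" block.
            if ctx and ctx[0].startswith("group-policy "):
                scope = "group-policy " + ctx[0].split()[1]
            else:
                scope = "webvpn (global)"
            f.ntlm_basic_sso.append((scope, line))
    return f


def report(f: Findings) -> list:
    """Human-readable review items; empty SAML list means the feature path is unused."""
    if not f.affected_feature_in_use:
        return ["no SAML-authenticated tunnel-groups found; CVE-2019-1714 feature path not in use"]
    lines = []
    for tg in f.saml_tunnel_groups:
        lines.append(f"SAML SSO tunnel-group: {tg} (IdP: {f.idp_urls.get(tg, 'unknown')})")
    for scope, line in f.ntlm_basic_sso:
        lines.append(f"NTLM/basic auto-signon in {scope}: {line}")
    return lines


if __name__ == "__main__":
    for item in report(audit(SAMPLE_CONFIG)):
        print(item)
```

Run it against `show running-config` output saved to a file; a device with no SAML tunnel-group is outside the affected feature path regardless of version, while a device with SAML tunnel-groups still needs the version check against the Cisco advisory, which this script does not perform.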


Related Identifiers

BDU:2019-01877
CVE-2019-1714

Affected Products

Cisco ASA
Cisco FTD