Federated Authentication Service (FAS) | Unable To Launch App “Invalid User Name Or Wrong Password”

Federated Authentication Service (FAS) | Unable to launch apps “Invalid user name or wrong password”

System logs:

Event ID 8

The domain controller rejected the client certificate of user U1@abc.com, used for smart card logon. The following error was returned from the certificate validation process: A certificate chain processed correctly, but one of the CA certificate is not trusted by the policy provider.

Related:

  • No Related Posts

Cisco IP Phones Call Log Information Disclosure Vulnerability

A vulnerability in the Web Access feature of Cisco IP Phones could allow an unauthenticated, remote attacker to view sensitive information on an affected device.

The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM

Security Impact Rating: Medium

CVE: CVE-2020-3360

Related:

  • No Related Posts

Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability

A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device.

The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM

Security Impact Rating: Medium

CVE: CVE-2020-3360

Related:

  • No Related Posts

Cisco AMP for Endpoints and ClamAV Privilege Escalation Vulnerability

A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system.

The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-famp-ZEpdXy

Security Impact Rating: Medium

CVE: CVE-2020-3350

Related:

  • No Related Posts

Error: “Invalid Certificate” When Installing SSL Certificate on ADC Appliance

Hidden Control Characters in CertificateKey File

You can use OpenSSL implementation of BSD Unix distribution on ADC to import/export the certificate and key files. The exported files are free of the control characters that are preventing successful installation of the certificate and key files:

  1. Use a secure copy program (WinSCP ) to copy the certificate and key files to the/nsconfig/ssl directory of the ADC appliance.

    The Certificate and Key files can also be uploaded to the ADC using the Configuration Utility. Navigate to Traffic Management > SSL > Manage Certificates / Keys / CSRs > Upload as shown in the following screen shots:

    User-added image

    User-added image

  2. Open a Secure Shell (SSH) session to the appliance, and after authentication, run the shell command to switch to shell.

  3. Navigate to /nsconfig/ssl directory:

    cd /nsconfig/ssl

  4. Use OpenSSL to import and export the certificate file. The following example is for PEM or Base64 certificates:

    openssl x509 -in <certificateFileName> -out <newCertificateFileName>

  5. Use OpenSSL to import and export the key file. The following example is for PEM or Base64 key files:

    openssl rsa -in <keyFileName> -out <newKeyFileName>

You will now be able to successfully import the certificate on the ADC appliance by using the new exported version of the files.

SSL Certificate not Encoded in Base-64 Format

Open the certificate on a Windows computer and convert it to Base-64 encoded X.509 (.CER) and then install the certificate on the appliance:

  1. Go to Start > Run and type mmc on a Windows machine.

    User-added image

  2. Double-click and open the certificate file that you want to convert.

    User-added image

  3. Click Details.

    User-added image

  4. Click Copy to File.

  5. Select the Base-64 encoded X.509 (.CER) option.

  6. Click Next.

    User-added image

  7. Browse to the location you want to save the converted certificate. Name the file with a .cer extension.

    User-added image

  8. Click Next.

Install the converted certificate on the NetScaler appliance.

PKCS #7 Certificate Incorrectly Converted to PEM Format

This error occurs when the PKCS #7 (.p7b) certificate is incorrectly converted to PEM format. Refer to CTX124783 – How to Convert a PKCS #7 Certificate to PEM Format for the correct procedure.

Related:

  • No Related Posts

Cisco Digital Network Architecture Center Information Disclosure Vulnerability

A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text.

The vulnerability is due to the storage of certain unencrypted credentials. An attacker could exploit this vulnerability by accessing the audit logs and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-audit-log-59RBdwb6

Security Impact Rating: Medium

CVE: CVE-2020-3281

Related:

  • No Related Posts

Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

The vulnerabilities are due to insufficient input processing of CIP traffic. An attacker could exploit these vulnerabilities by sending crafted CIP traffic to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cipdos-hkfTZXEx

This advisory is part of the June 3, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 23 Cisco Security Advisories that describe 25 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2020-3225

Related:

Cisco IOx Application Framework Arbitrary File Creation Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an
authenticated, remote attacker to write or modify arbitrary files in the
virtual instance that is running on the affected device.

The vulnerability is due to insufficient input validation of
user-supplied application packages. An attacker who can upload a
malicious package within Cisco IOx could exploit the vulnerability to
modify arbitrary files. The impacts of a successful exploit are limited
to the scope of the virtual instance and do not affect the device that
is hosting Cisco IOx.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-caf-3dXM8exv

Security Impact Rating: High

CVE: CVE-2020-3238

Related:

  • No Related Posts