Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021

On March 25, 2021, the OpenSSL Project released a security advisory, OpenSSL Security Advisory [25 March 2021], that disclosed two vulnerabilities.

Exploitation of these vulnerabilities could allow an attacker to use a valid non-certificate authority (CA) certificate to act as a CA and sign a certificate for an arbitrary organization, user or device, or to cause a denial of service (DoS) condition.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd

Security Impact Rating: High

CVE: CVE-2021-3449, CVE-2021-3450

Error “Could not import the certificate” when uploading external SSL certificate to Citrix Endpoint Management console

To repackage the certificate keystore, rebuild the keystore using the old one.

1. Extract Private key from the old keystore to private-key.pem

openssl pkcs12 -in <oldkeystorefile>.pfx -nocerts -out private-key.pem -nodes

2. Extract the certificate to certificate.pem

openssl pkcs12 -in <oldkeystorefile>.pfx -nokeys -out certificate.pem

3. Open certificate.pem in a text editor

Copy 1st Certificate from “-----BEGIN CERTIFICATE-----” to “-----END CERTIFICATE-----” to file called ssl_cert.pem

Copy next 2 or more certificates from “-----BEGIN CERTIFICATE-----” to “-----END CERTIFICATE-----” to file called ssl_intermediateandroot.pem

4. Verify ssl cert.

openssl x509 -text -noout -in ssl_cert.pem

5. Verify certificate chain.

openssl x509 -text -noout -in ssl_intermediateandroot.pem

6. Export combined pfx file

openssl pkcs12 -export -out ssl_cert_with_full_chain.pfx -inkey private-key.pem -in ssl_cert.pem -certfile ssl_intermediateandroot.pem

Note: This step will ask for a password.
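
The steps above as one script, added here as an example and not part of the original article: it does the step 3 split without a text editor, checks that the extracted key belongs to the first certificate before exporting, and removes the unencrypted key afterwards. The function names are made up for this example; the file names are the ones used in the steps.

```shell
#!/usr/bin/env bash
# Added example (not from the original article). File names follow the steps above.

# Step 3 without a text editor: first certificate -> $2, remaining ones -> $3.
# Lines outside BEGIN/END markers ("Bag Attributes", subject=, issuer=) are dropped.
split_bundle() {
  : > "$2"; : > "$3"
  awk -v leaf="$2" -v chain="$3" '
    /-----BEGIN CERTIFICATE-----/ { n++; inblock = 1 }
    inblock { print > (n == 1 ? leaf : chain) }
    /-----END CERTIFICATE-----/   { inblock = 0 }
    END { exit ((n >= 1 && !inblock) ? 0 : 1) }   # fail on empty or truncated input
  ' "$1"
}

# Number of certificates in a PEM file.
count_certs() { grep -c -- '-----BEGIN CERTIFICATE-----' "$1" || true; }

# True only if the private key and the certificate carry the same public key.
key_matches_cert() {
  key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
  cert_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
  [ -n "$key_pub" ] && [ "$key_pub" = "$cert_pub" ]
}

# Steps 1-6 end to end. Usage: repackage old.pfx  (openssl prompts for passwords)
repackage() (
  umask 077    # -nodes writes the private key unencrypted; keep it owner-only
  openssl pkcs12 -in "$1" -nocerts -out private-key.pem -nodes &&
  openssl pkcs12 -in "$1" -nokeys -out certificate.pem &&
  split_bundle certificate.pem ssl_cert.pem ssl_intermediateandroot.pem &&
  key_matches_cert private-key.pem ssl_cert.pem &&
  # Checks the leaf against the chain file; needs the root to be in that file.
  openssl verify -CAfile ssl_intermediateandroot.pem ssl_cert.pem &&
  openssl pkcs12 -export -out ssl_cert_with_full_chain.pfx -inkey private-key.pem \
    -in ssl_cert.pem -certfile ssl_intermediateandroot.pem
  status=$?
  rm -f private-key.pem    # do not leave the plaintext key behind
  exit "$status"
)
```

`openssl x509 -text` prints only the first certificate in a file, so `count_certs ssl_intermediateandroot.pem` is a quick way to confirm that every intermediate and the root made it into the chain file.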

Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability

A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition.

The vulnerability is due to improper error handling on established SSL/TLS connections. An attacker could exploit this vulnerability by establishing an SSL/TLS connection with the affected device and then sending a malicious SSL/TLS message within that connection. A successful exploit could allow the attacker to cause the device to reload.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy

Security Impact Rating: High

CVE: CVE-2020-27124

Cisco Firepower Threat Defense Software SSL Input Validation Denial of Service Vulnerability

A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances.

The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could exploit this vulnerability by sending a malformed TLS packet through a Cisco Adaptive Security Appliance (ASA). A successful exploit could allow the attacker to crash a Snort instance, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z

Security Impact Rating: Medium

CVE: CVE-2020-3317

Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information.

The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device.

To exploit this vulnerability, an attacker must be able to perform both of the following actions:

  • Capture TLS traffic that is in transit between clients and the affected device
  • Actively establish a considerable number of TLS connections to the affected device

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP

Security Impact Rating: Medium

CVE: CVE-2020-3585

Cisco Industrial Network Director Denial of Service Vulnerability

A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device.

The vulnerability is due to insufficient validation of requests sent to the REST API. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to cause a permanent DoS condition that is due to high CPU utilization. Manual intervention may be required to recover the Cisco IND.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ind-dos-BwG634zn

Security Impact Rating: Medium

CVE: CVE-2020-3567

Cisco Jabber for Windows Universal Naming Convention Link Handling Vulnerability

A vulnerability in Cisco Jabber for Windows software could allow an authenticated, remote attacker to gain access to sensitive information.

The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted messages that contain Universal Naming Convention (UNC) links to a targeted user and convincing the user to follow the provided link. A successful exploit could allow the attacker to cause the application to access a remote system, possibly allowing the attacker to gain access to sensitive information that the attacker could use in additional attacks.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-G3NSjPn7

Security Impact Rating: Medium

CVE: CVE-2020-3537

Cisco Vision Dynamic Signage Director Directory Traversal Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device.

The vulnerability is due to incorrect permissions within Apache configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to view potentially sensitive information on the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vdsd-W7mnkwj7

Security Impact Rating: Medium

CVE: CVE-2020-3484

Cisco Data Center Network Manager Read File Path Traversal Vulnerability

A vulnerability in a specific REST API of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.

The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker with a low-privileged account could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to read arbitrary files on the affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-file-path-6PKONjHe

Security Impact Rating: Medium

CVE: CVE-2020-3521

Cisco Data Center Network Manager Improper Authorization Vulnerability

A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with a low-privileged account to bypass authorization on the API of an affected device.

The vulnerability is due to insufficient authorization of certain API functions. An attacker could exploit this vulnerability by sending a crafted request to the API using low-privileged credentials. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-improper-auth-7Krd9TDT

Security Impact Rating: High

CVE: CVE-2020-3386
