CVE-2020-3452 | Cisco ASA/FTDĿ¼±éÀú·ì϶¹«¸æ

°ä²¼¹¦·ò 2020-07-23

0x00 ·ì϶¸ÅÊö


CVE   ID

CVE-2020-3452

ʱ    ¼ä

2020-07-23

Àà   ÐÍ

PT

µÈ    ¼¶

¸ßΣ

Ô¶³ÌÀûÓÃ

ÊÇ

Ó°ÏìÁìÓò


0x01 ·ì϶ÏêÇé


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


2020Äê7ÔÂ22ÈÕ£¬£¬£¬£¬ £¬£¬£¬£¬Cisco°ä²¼°²È«²¼¸æ£¬£¬£¬£¬ £¬£¬£¬£¬½¨¸´ÁËÒ»¸öAdaptive Security Appliance£¨ASA£©ºÍFirepower Threat Defense£¨FTD£©Èí¼þµÄĿ¼±éÀú·ì϶£¨CVE-2020-3452£©¡£¡£ ¡£¡£¡£¡£¡£

Cisco Adaptive Security Appliances SoftwareÊÇÒ»Ì×·À»ðǽºÍÍøÂ簲ȫƽ̨¡£¡£ ¡£¡£¡£¡£¡£¸Ãƽ̨ÖØÒªÓÃÓÚ¶ÔÊý¾ÝºÍÍøÂç×ÊÔ´µÄ¸ß¶È°²È«µÄ½Ó¼ûµÈ£¬£¬£¬£¬ £¬£¬£¬£¬Cisco Firepower Threat DefenseÊÇÒ»Ì×ÌṩÏÂÒ»´ú·À»ðǽ·þÎñµÄͳһÈí¼þ¡£¡£ ¡£¡£¡£¡£¡£

¸Ã·ì϶ԴÓÚASAºÍFTDµÄ web ·þÎñ½Ó¿ÚÔÚ´¦ÖÃHTTPÒªÇóµÄURLʱ²»×ãÕýÈ·µÄÊäÈëÑéÖ¤£¬£¬£¬£¬ £¬£¬£¬£¬µ¼Ö¹¥»÷ÕßÄܹ»ÔÚÖ¸±êÉ豸Éϲ鿴ϵͳÄÚµÄËÁÒâÎļþ¡£¡£ ¡£¡£¡£¡£¡£

°ÑÎÈ£ºµ±É豸ÅäÖÃÁËWebVPN»òAnyConnectÖ°ÄÜ£¬£¬£¬£¬ £¬£¬£¬£¬½«ÆôÓÃWeb·þÎñʱ£¬£¬£¬£¬ £¬£¬£¬£¬²Å»áÊܵ½¸Ã·ì϶ӰÏ죬£¬£¬£¬ £¬£¬£¬£¬µ«ÊǸ÷ì϶²»ÄÜÓÃÓÚ½Ó¼ûASA»òFTDϵͳÎļþ»òµ×²ã²Ù×÷ϵͳ(OS)Îļþ¡£¡£ ¡£¡£¡£¡£¡£

Ä¿Ç°Òѹ«¿ªÁ˸÷ì϶µÄPoC£¬£¬£¬£¬ £¬£¬£¬£¬Á´½ÓÈçÏ£º

https://twitter.com/aboul3la/status/1286012324722155525


0x02 Ó°ÏìÁìÓò


ÒÔÏÂÊÇCVE-2020-3452·ì϶ÊÜÓ°ÏìµÄϵͳ°æ±¾£º

Cisco ASA É豸ӰÏì°æ±¾:

<9.6.1

9.6 < 9.6.4.42

9.71

9.8 < 9.8.4.20

9.9 < 9.9.2.74

9.10 < 9.10.1.42

9.12 < 9.12.3.12

9.13 < 9.13.1.10

9.14 < 9.14.1.10

Cisco FTDÉ豸ӰÏì°æ±¾£º

6.2.2

6.2.3 < 6.2.3.16

6.3.0 < Migrate to 6.4.0.9 + Hot Fix or to 6.6.0.1

6.4.0 < 6.4.0.9 + Hot Fix

6.5.0 < Migrate to 6.6.0.1 or 6.5.0.4 + Hot Fix (August 2020)

6.6.0 < 6.6.0.1

ASAºÍFTDÉ豸Ò×Êܹ¥»÷µÄÅäÖÃÈçÏÂ:


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


0x03 ´ëÖý¨Òé


Ä¿Ç°³§ÉÌÒѰ䲼а汾£¬£¬£¬£¬ £¬£¬£¬£¬Ïê¼ûϱí£¬£¬£¬£¬ £¬£¬£¬£¬×óÁÐÊÇÊܸ÷ì϶ӰÏìµÄÈí¼þ°æ±¾£¬£¬£¬£¬ £¬£¬£¬£¬ÓÒÁÐÊdz§ÉÌ°ä²¼µÄ¸üа汾£º

Cisco ASA£º


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Cisco ASAÈí¼þ9.5°æ¼°¸üÔç°æ±¾ÒÔ¼°9.7°æÒѾ­ÖÕ³¡ÊØ»¤¡£¡£ ¡£¡£¡£¡£¡£

Cisco FTD£º


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


ÉÏͼÖйØÓÚCisco FTD Hot Fix ϸ½Ú£¬£¬£¬£¬ £¬£¬£¬£¬Ïê¼ûÏÂͼ£º


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Éý¼¶Cisco FTD°æ±¾£¬£¬£¬£¬ £¬£¬£¬£¬Óû§Äܹ»Ñ¡ÔñÒÔÏÂÆäÖÐÒ»¸ö²½ÖèÖ´ÐУº

? ¶ÔÓÚCisco Firepower Management Center£¨FMC£©£¬£¬£¬£¬ £¬£¬£¬£¬Ê¹ÓÃFMC½çÃæ×°ÖÃÉý¼¶¡£¡£ ¡£¡£¡£¡£¡£×°ÖÃʵÏֺ󣬣¬£¬£¬ £¬£¬£¬£¬³ÁÐÂÀûÓýӼû½ÚÔìÕ½Êõ£»£»£»£» £» £»£»£»

? ¶ÔÓÚCisco Firepower Device Manager£¨FDM£©£¬£¬£¬£¬ £¬£¬£¬£¬Ê¹ÓÃFDM½çÃæ×°ÖÃÉý¼¶¡£¡£ ¡£¡£¡£¡£¡£×°ÖÃʵÏֺ󣬣¬£¬£¬ £¬£¬£¬£¬³ÁÐÂÀûÓýӼû½ÚÔìÕ½Êõ¡£¡£ ¡£¡£¡£¡£¡£


0x04 ÓйØÐÂÎÅ


https://www.security-database.com/detail.php?alert=CVE-2020-3452


0x05 ²Î¿¼Á´½Ó


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86


0x06 ¹¦·òÏß


2020-07-22 Cisco°ä²¼°²È«²¼¸æ

2020-07-23 VSRC°ä²¼·ì϶¹«¸æ


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website