CVE-2020-3452 | Cisco ASA/FTDĿ¼±éÀúÎó²îͨ¸æ

Ðû²¼Ê±¼ä 2020-07-23

0x00 Îó²î¸ÅÊö


CVE   ID

CVE-2020-3452

ʱ    ¼ä

2020-07-23

Àà   ÐÍ

PT

µÈ    ¼¶

¸ßΣ

Ô¶³ÌʹÓÃ

ÊÇ

Ó°Ïì¹æÄ£


0x01 Îó²îÏêÇé


ÍòÀû¹ú¼Ê¹ÙÍø(ÖйúÓÎ)ÓÐÏÞ¹«Ë¾


2020Äê7ÔÂ22ÈÕ £¬£¬£¬£¬£¬CiscoÐû²¼Ç徲ͨ¸æ £¬£¬£¬£¬£¬ÐÞ¸´ÁËÒ»¸öAdaptive Security Appliance£¨ASA£©ºÍFirepower Threat Defense£¨FTD£©Èí¼þµÄĿ¼±éÀúÎó²î£¨CVE-2020-3452£©¡£¡£¡£¡£¡£¡£¡£¡£

Cisco Adaptive Security Appliances SoftwareÊÇÒ»Ì×·À»ðǽºÍÍøÂçÇ徲ƽ̨¡£¡£¡£¡£¡£¡£¡£¡£¸Ãƽ̨Ö÷ÒªÓÃÓÚ¶ÔÊý¾ÝºÍÍøÂç×ÊÔ´µÄ¸ß¶ÈÇå¾²µÄ»á¼ûµÈ £¬£¬£¬£¬£¬Cisco Firepower Threat DefenseÊÇÒ»Ì×ÌṩÏÂÒ»´ú·À»ðǽЧÀ͵ÄͳһÈí¼þ¡£¡£¡£¡£¡£¡£¡£¡£

¸ÃÎó²îÔ´ÓÚASAºÍFTDµÄ web ЧÀͽӿÚÔÚ´¦Öóͷ£HTTPÇëÇóµÄURLʱȱ·¦×¼È·µÄÊäÈëÑéÖ¤ £¬£¬£¬£¬£¬µ¼Ö¹¥»÷Õß¿ÉÒÔÔÚÄ¿µÄ×°±¸ÉÏÉó²éϵͳÄÚµÄí§ÒâÎļþ¡£¡£¡£¡£¡£¡£¡£¡£

×¢ÖØ£ºµ±×°±¸ÉèÖÃÁËWebVPN»òAnyConnect¹¦Ð§ £¬£¬£¬£¬£¬½«ÆôÓÃWebЧÀÍʱ £¬£¬£¬£¬£¬²Å»áÊܵ½¸ÃÎó²îÓ°Ïì £¬£¬£¬£¬£¬¿ÉÊǸÃÎó²î²»¿ÉÓÃÓÚ»á¼ûASA»òFTDϵͳÎļþ»òµ×²ã²Ù×÷ϵͳ(OS)Îļþ¡£¡£¡£¡£¡£¡£¡£¡£

ÏÖÔÚÒѹûÕæÁ˸ÃÎó²îµÄPoC £¬£¬£¬£¬£¬Á´½ÓÈçÏ£º

https://twitter.com/aboul3la/status/1286012324722155525


0x02 Ó°Ïì¹æÄ£


ÒÔÏÂÊÇCVE-2020-3452Îó²îÊÜÓ°ÏìµÄϵͳ°æ±¾£º

Cisco ASA ×°±¸Ó°Ïì°æ±¾:

<9.6.1

9.6 < 9.6.4.42

9.71

9.8 < 9.8.4.20

9.9 < 9.9.2.74

9.10 < 9.10.1.42

9.12 < 9.12.3.12

9.13 < 9.13.1.10

9.14 < 9.14.1.10

Cisco FTD×°±¸Ó°Ïì°æ±¾£º

6.2.2

6.2.3 < 6.2.3.16

6.3.0 < Migrate to 6.4.0.9 + Hot Fix or to 6.6.0.1

6.4.0 < 6.4.0.9 + Hot Fix

6.5.0 < Migrate to 6.6.0.1 or 6.5.0.4 + Hot Fix (August 2020)

6.6.0 < 6.6.0.1

ASAºÍFTD×°±¸Ò×Êܹ¥»÷µÄÉèÖÃÈçÏÂ:


ÍòÀû¹ú¼Ê¹ÙÍø(ÖйúÓÎ)ÓÐÏÞ¹«Ë¾


ÍòÀû¹ú¼Ê¹ÙÍø(ÖйúÓÎ)ÓÐÏÞ¹«Ë¾


0x03 ´¦Öóͷ£½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Ð°汾 £¬£¬£¬£¬£¬Ïê¼ûÏÂ±í £¬£¬£¬£¬£¬×óÁÐÊÇÊܸÃÎó²îÓ°ÏìµÄÈí¼þ°æ±¾ £¬£¬£¬£¬£¬ÓÒÁÐÊdz§ÉÌÐû²¼µÄ¸üа汾£º

Cisco ASA£º


ÍòÀû¹ú¼Ê¹ÙÍø(ÖйúÓÎ)ÓÐÏÞ¹«Ë¾


Cisco ASAÈí¼þ9.5°æ¼°¸üÔç°æ±¾ÒÔ¼°9.7°æÒѾ­×èֹά»¤¡£¡£¡£¡£¡£¡£¡£¡£

Cisco FTD£º


ÍòÀû¹ú¼Ê¹ÙÍø(ÖйúÓÎ)ÓÐÏÞ¹«Ë¾


ÉÏͼÖйØÓÚCisco FTD Hot Fix ϸ½Ú £¬£¬£¬£¬£¬Ïê¼ûÏÂͼ£º


ÍòÀû¹ú¼Ê¹ÙÍø(ÖйúÓÎ)ÓÐÏÞ¹«Ë¾


Éý¼¶Cisco FTD°æ±¾ £¬£¬£¬£¬£¬Óû§¿ÉÒÔÑ¡ÔñÒÔÏÂÆäÖÐÒ»¸öÒªÁìÖ´ÐУº

? ¹ØÓÚCisco Firepower Management Center£¨FMC£© £¬£¬£¬£¬£¬Ê¹ÓÃFMC½çÃæ×°ÖÃÉý¼¶¡£¡£¡£¡£¡£¡£¡£¡£×°ÖÃÍê³Éºó £¬£¬£¬£¬£¬ÖØÐÂÓ¦Óûá¼û¿ØÖÆÕ½ÂÔ£»£»£»£»£»£»£»£»

? ¹ØÓÚCisco Firepower Device Manager£¨FDM£© £¬£¬£¬£¬£¬Ê¹ÓÃFDM½çÃæ×°ÖÃÉý¼¶¡£¡£¡£¡£¡£¡£¡£¡£×°ÖÃÍê³Éºó £¬£¬£¬£¬£¬ÖØÐÂÓ¦Óûá¼û¿ØÖÆÕ½ÂÔ¡£¡£¡£¡£¡£¡£¡£¡£


0x04 Ïà¹ØÐÂÎÅ


https://www.security-database.com/detail.php?alert=CVE-2020-3452


0x05 ²Î¿¼Á´½Ó


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86


0x06 ʱ¼äÏß


2020-07-22 CiscoÐû²¼Ç徲ͨ¸æ

2020-07-23 VSRCÐû²¼Îó²îͨ¸æ


ÍòÀû¹ú¼Ê¹ÙÍø(ÖйúÓÎ)ÓÐÏÞ¹«Ë¾