CVE-2020-3125

{"id": "CVE-2020-3125", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2020-05-06T17:15:11.807", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access. The vulnerability is due to insufficient identity verification of the KDC when a successful authentication response is received. An attacker could exploit this vulnerability by spoofing the KDC server response to the ASA device. This malicious response would not have been authenticated by the KDC. A successful attack could allow an attacker to bypass Kerberos authentication."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad de autenticaci\u00f3n de Kerberos del Cisco Adaptive Security Appliance (ASA) Software, podr\u00eda permitir a un atacante remoto no autenticado suplantar al centro de distribuci\u00f3n de claves (KDC) de Kerberos y omitir la autenticaci\u00f3n sobre un dispositivo afectado que est\u00e9 configurado para realizar la autenticaci\u00f3n Kerberos para VPN o acceso local a dispositivos. La vulnerabilidad es debido a una verificaci\u00f3n de identidad insuficiente del KDC cuando es recibida una respuesta de autenticaci\u00f3n con \u00e9xito. Un atacante podr\u00eda explotar esta vulnerabilidad al suplantar la respuesta del servidor KDC en el dispositivo ASA. Esta respuesta maliciosa no habr\u00eda sido autenticada por el KDC. Un ataque con \u00e9xito podr\u00eda permitir a un atacante omitir la autenticaci\u00f3n de Kerberos."}], "lastModified": "2023-08-16T16:17:07.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAB3A81C-AB8B-4FE8-8E3C-77414CDDEC4E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "377FC700-43A0-4168-9C72-1BD41AB34749"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77D13BF0-B375-4C73-BF97-A47D4B28B355"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C97152B-54A7-449A-B8A1-F33866CEBD12"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E21CFCB0-693B-4A24-81BC-219028B75457"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "276AA496-06BF-44AC-AE35-805E3C176F9C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8E8118D-FFF4-4E5D-A76B-F8CE055BE655"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA8B14B3-D754-460B-8D38-CA1AB9DFA4F1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59CE9B3F-0310-4A52-9E50-458AD6141339"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91F751E1-C863-4807-A533-ED7E0EA5A782"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F9EE913-9DD0-4E58-B036-D21D22062E40"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.10\\(1.220\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E58D15-B2FD-45D4-8EE0-0AB5E28F7F58"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00F098B2-8740-4F24-AB9A-C56462464C67", "versionEndExcluding": "9.8.4.15", "versionStartIncluding": "9.8"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEE81D32-51D0-41F7-B06B-0750DCB1F589", "versionEndExcluding": "9.9.2.66", "versionStartIncluding": "9.9"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49FFDB02-2944-4B31-BBC0-30E60BA9F9D1", "versionEndExcluding": "9.10.1.37", "versionStartIncluding": "9.10"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BDBCE56-8434-43B5-A172-5A63536D9E9F", "versionEndExcluding": "9.12.3.2", "versionStartIncluding": "9.12"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE14B138-4EED-43E1-A8F1-0D16F4A761C0", "versionEndExcluding": "9.13.1.7", "versionStartIncluding": "9.13"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}