Cisco Security Advisory - Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack Vulnerability

Started by Netwörkheäd, December 25, 2022, 06:19:04 PM

Previous topic - Next topic

Netwörkheäd

Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack Vulnerability

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information.


This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit this vulnerability by sending crafted TLS messages to an affected device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device.


Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.


This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2



This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: November 2022 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.




     
         
Security Impact Rating:  Medium
   
   
       
CVE: CVE-2022-20940
Source: Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack Vulnerability
Let's not argue. Let's network!