Cisco ASA & FTD¶à¸ö¸ßΣÎó²î

Ðû²¼Ê±¼ä 2021-04-29

0x00 Îó²î¸ÅÊö

2021Äê04ÔÂ28ÈÕ£¬£¬£¬£¬£¬£¬CiscoÐû²¼Ç徲ͨ¸æ£¬£¬£¬£¬£¬£¬ÐÞ¸´ÁËCisco×Ô˳ӦÇå¾²×°±¸£¨ASA£©ºÍFirepowerÍþв·ÀÓù£¨FTD£©ÖеÄ6¸ö¸ßΣÎó²î£¬£¬£¬£¬£¬£¬ÆäÖÐ5¸öΪ¾Ü¾øЧÀÍÎó²î£¬£¬£¬£¬£¬£¬1¸öΪÏÂÁî×¢ÈëÎó²î¡£¡£¡£¡£¡£¡£

 

0x01 Îó²îÏêÇé

image.png

 

Îó²îÏêÇéÈçÏ£º

Cisco FTD  SSL¾Ü¾øЧÀÍÎó²î£¨CVE-2021-1402£©

ÓÉÓÚ×°±¸Ö´ÐлùÓÚÈí¼þµÄSSL½âÃÜʱ¶ÔSSL/TLSÐÂÎÅÑé֤ȱ·¦£¬£¬£¬£¬£¬£¬Cisco FTD»ùÓÚÈí¼þµÄSSL/TLSÐÂÎÅ´¦Öóͷ£³ÌÐòÖб£´æÒ»¸ö¾Ü¾øЧÀÍÎó²î£¬£¬£¬£¬£¬£¬ÆäCVSSÆÀ·Ö8.6¡£¡£¡£¡£¡£¡£Î´¾­ÈÏÖ¤µÄÔ¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄ×°±¸·¢ËͶñÒâÖÆ×÷µÄSSL/TLSÐÂÎÅÀ´Ê¹ÓôËÎó²î£¬£¬£¬£¬£¬£¬µ«·¢Ë͵½ÊÜÓ°Ïì×°±¸µÄSSL/TLSÐÂÎŲ»»á´¥·¢¾Ü¾øЧÀÍÎó²î£¬£¬£¬£¬£¬£¬¹¥»÷ÕßÔÚÀÖ³ÉʹÓôËÎó²îºó¿Éµ¼ÖÂÀú³ÌÍ߽⣬£¬£¬£¬£¬£¬²¢´¥·¢×°±¸ÖØмÓÔØ£¬£¬£¬£¬£¬£¬´Ó¶øµ¼Ö¾ܾøЧÀÍ¡£¡£¡£¡£¡£¡£ÖØмÓÔغ󣬣¬£¬£¬£¬£¬ÎÞÐèÊÖ¶¯¸ÉÔ¤¼´¿É»Ö¸´×°±¸¡£¡£¡£¡£¡£¡£

 

Cisco ASA & FTD¾Ü¾øЧÀÍÎó²î£¨CVE-2021-1445¡¢CVE-2021-1504£©

ÓÉÓÚȱ·¦¶ÔHTTPSÇëÇóµÄ׼ȷÊäÈëÑéÖ¤£¬£¬£¬£¬£¬£¬Cisco ASAºÍFTDÖб£´æ¶à¸ö¾Ü¾øЧÀÍÎó²î£¬£¬£¬£¬£¬£¬CVSSÆÀ·Ö¾ùΪ8.6¡£¡£¡£¡£¡£¡£Î´¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄ×°±¸·¢ËͶñÒâÖÆ×÷µÄHTTPSÇëÇóÀ´Ê¹ÓÃÕâЩÎó²î£¬£¬£¬£¬£¬£¬ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔʹÊÜÓ°ÏìµÄ×°±¸ÖØмÓÔØ£¬£¬£¬£¬£¬£¬Ôì³É¾Ü¾øЧÀÍ¡£¡£¡£¡£¡£¡£

 

Cisco FTDÏÂÁî×¢ÈëÎó²î£¨CVE-2021-1448£©

ÓÉÓÚ¶ÔÓû§ÌṩµÄÏÂÁî²ÎÊýÑé֤ȱ·¦£¬£¬£¬£¬£¬£¬Cisco FTDµÄCLIÖб£´æÒ»¸öÏÂÁî×¢ÈëÎó²î£¬£¬£¬£¬£¬£¬ÆäCVSSÆÀ·Ö7.8¡£¡£¡£¡£¡£¡£¾­ÓÉÉí·ÝÑéÖ¤µÄÍâµØ¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄÏÂÁîÌá½»¶ñÒâ´úÂëÀ´Ê¹ÓôËÎó²î£¬£¬£¬£¬£¬£¬ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚϵͳÉÏÒÔrootȨÏÞÖ´ÐÐí§ÒâÏÂÁî¡£¡£¡£¡£¡£¡£

 

Cisco ASA & FTD»º³åÇøÒç³öÎó²î£¨CVE-2021-1493£©

ÓÉÓÚ¶ÔÌṩӦÊÜÓ°ÏìϵͳµÄWebЧÀͽӿڵÄÌض¨Ãü¾ÝµÄ½çÏß¼ì²éȱ·¦£¬£¬£¬£¬£¬£¬Cisco ASAºÍFTDµÄWebЧÀͽçÃæÖб£´æ»º³åÇøÒç³öÎó²î£¬£¬£¬£¬£¬£¬ÆäCVSSÆÀ·Ö8.5¡£¡£¡£¡£¡£¡£¾­ÓÉÉí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ý·¢ËͶñÒâµÄHTTPÇëÇóÀ´Ê¹ÓôËÎó²î£¬£¬£¬£¬£¬£¬ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÊÜÓ°ÏìµÄϵͳÉÏÔì³É»º³åÇøÒç³ö£¬£¬£¬£¬£¬£¬µ¼ÖÂй¶Êý¾ÝƬ¶Ï»ò×°±¸ÖØмÓÔØ£¬£¬£¬£¬£¬£¬´Ó¶øÔì³É¾Ü¾øЧÀÍ£¨DoS£©¡£¡£¡£¡£¡£¡£

 

Cisco ASA & FTD¾Ü¾øЧÀÍÎó²î£¨CVE-2021-1501£©

ÓÉÓÚSIP pinholeÅþÁ¬µÄ¹þÏ£ÅÌÎÊÀú³ÌÖб¬·¢Í߽⣬£¬£¬£¬£¬£¬Cisco ASAºÍFTDµÄSIP¼ì²éÒýÇæÖб£´æ¾Ü¾øЧÀÍÎó²î£¬£¬£¬£¬£¬£¬ÆäCVSSÆÀ·Ö8.6¡£¡£¡£¡£¡£¡£Î´¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°Ïì×°±¸·¢ËͶñÒâÖÆ×÷µÄSIPÁ÷Á¿À´Ê¹ÓôËÎó²î£¬£¬£¬£¬£¬£¬ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õ߿ɵ¼ÖÂÊÜÓ°Ïì×°±¸Í߽ⲢÖØмÓÔØ¡£¡£¡£¡£¡£¡£

 

0x02 ´¦Öóͷ£½¨Òé

ÏÖÔÚCiscoÒѾ­Ðû²¼ÁËCisco ASAºÍ FTDµÄÇå¾²¸üУ¬£¬£¬£¬£¬£¬½¨Òé²Î¿¼¹Ù·½Ðû²¼µÄÇ徲ͨ¸æʵʱÐÞ¸´»òÉý¼¶¡£¡£¡£¡£¡£¡£

CVE-2021-1402£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c

 

CVE-2021-1445¡¢CVE-2021-1504£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD

 

CVE-2021-1448£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT

 

CVE-2021-1493£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG

 

CVE-2021-1501£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC

 

ÏÂÔØÁ´½Ó£º

https://software.cisco.com/download/find

 

0x03 ²Î¿¼Á´½Ó

https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74594

https://tools.cisco.com/security/center/publicationListing.x

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD

 

0x04 ʱ¼äÏß

2021-04-28  CiscoÐû²¼Ç徲ͨ¸æ

2021-04-29  VSRCÐû²¼Ç徲ͨ¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö±ê×¼¹ÙÍø£ºhttp://www.first.org/cvss/

image.png