Cisco ASA & FTD¶à¸ö¸ßΣ©¶´

Ðû²¼Ê±¼ä 2021-04-29

0x00 ©¶´¸ÅÊö

2021Äê04ÔÂ28ÈÕ£¬CiscoÐû²¼Äþ¾²Í¨¸æ£¬ÐÞ¸´ÁËCisco×ÔÊÊÓ¦Äþ¾²É豸£¨ASA£©ºÍFirepowerÍþв·ÀÓù£¨FTD£©ÖеÄ6¸ö¸ßΣ©¶´£¬ÆäÖÐ5¸öΪ¾Ü¾ø·þÎñ©¶´£¬1¸öΪÃüÁî×¢È멶´ ¡£

 

0x01 ©¶´ÏêÇé

image.png

 

©¶´ÏêÇéÈçÏ£º

Cisco FTD  SSL¾Ü¾ø·þÎñ©¶´£¨CVE-2021-1402£©

ÓÉÓÚÉ豸ִÐлùÓÚÈí¼þµÄSSL½âÃÜʱ¶ÔSSL/TLSÏûÏ¢ÑéÖ¤²»×㣬Cisco FTD»ùÓÚÈí¼þµÄSSL/TLSÏûÏ¢´¦Ö÷¨Ê½ÖдæÔÚÒ»¸ö¾Ü¾ø·þÎñ©¶´£¬ÆäCVSSÆÀ·Ö8.6 ¡£Î´¾­ÈÏÖ¤µÄÔ¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄÉ豸·¢ËͶñÒâÖÆ×÷µÄSSL/TLSÏûÏ¢À´ÀûÓôË©¶´£¬µ«·¢Ë͵½ÊÜÓ°ÏìÉ豸µÄSSL/TLSÏûÏ¢²»»á´¥·¢¾Ü¾ø·þÎñ©¶´£¬¹¥»÷ÕßÔÚÀÖ³ÉÀûÓôË©¶´ºó¿Éµ¼Ö½ø³ÌÍ߽⣬²¢´¥·¢É豸ÖØмÓÔØ£¬´Ó¶øµ¼Ö¾ܾø·þÎñ ¡£ÖØмÓÔغó£¬ÎÞÐèÊÖ¶¯¸ÉÔ¤¼´¿É»Ö¸´É豸 ¡£

 

Cisco ASA & FTD¾Ü¾ø·þÎñ©¶´£¨CVE-2021-1445¡¢CVE-2021-1504£©

ÓÉÓÚȱ·¦¶ÔHTTPSÇëÇóµÄÕýÈ·ÊäÈëÑéÖ¤£¬Cisco ASAºÍFTDÖдæÔÚ¶à¸ö¾Ü¾ø·þÎñ©¶´£¬CVSSÆÀ·Ö¾ùΪ8.6 ¡£Î´¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄÉ豸·¢ËͶñÒâÖÆ×÷µÄHTTPSÇëÇóÀ´ÀûÓÃÕâЩ©¶´£¬ÀÖ³ÉÀûÓôË©¶´µÄ¹¥»÷Õß¿ÉÒÔʹÊÜÓ°ÏìµÄÉ豸ÖØмÓÔØ£¬Ôì³É¾Ü¾ø·þÎñ ¡£

 

Cisco FTDÃüÁî×¢È멶´£¨CVE-2021-1448£©

ÓÉÓÚ¶ÔÓû§ÌṩµÄÃüÁî²ÎÊýÑéÖ¤²»×㣬Cisco FTDµÄCLIÖдæÔÚÒ»¸öÃüÁî×¢È멶´£¬ÆäCVSSÆÀ·Ö7.8 ¡£¾­¹ýÉí·ÝÑéÖ¤µÄµ±µØ¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄÃüÁîÌá½»¶ñÒâ´úÂëÀ´ÀûÓôË©¶´£¬ÀÖ³ÉÀûÓôË©¶´µÄ¹¥»÷Õß¿ÉÒÔÔÚϵͳÉÏÒÔrootȨÏÞÖ´ÐÐÈÎÒâÃüÁî ¡£

 

Cisco ASA & FTD»º³åÇøÒç³ö©¶´£¨CVE-2021-1493£©

ÓÉÓÚ¶ÔÌṩӦÊÜÓ°ÏìϵͳµÄWeb·þÎñ½Ó¿ÚµÄÌض¨Êý¾ÝµÄ½çÏÞ¼ì²é²»×㣬Cisco ASAºÍFTDµÄWeb·þÎñ½çÃæÖдæÔÚ»º³åÇøÒç³ö©¶´£¬ÆäCVSSÆÀ·Ö8.5 ¡£¾­¹ýÉí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ý·¢ËͶñÒâµÄHTTPÇëÇóÀ´ÀûÓôË©¶´£¬ÀÖ³ÉÀûÓôË©¶´µÄ¹¥»÷Õß¿ÉÒÔÔÚÊÜÓ°ÏìµÄϵͳÉÏÔì³É»º³åÇøÒç³ö£¬µ¼ÖÂй¶Êý¾ÝƬ¶Î»òÉ豸ÖØмÓÔØ£¬´Ó¶øÔì³É¾Ü¾ø·þÎñ£¨DoS£© ¡£

 

Cisco ASA & FTD¾Ü¾ø·þÎñ©¶´£¨CVE-2021-1501£©

ÓÉÓÚSIP pinholeÁ¬½ÓµÄ¹þÏ£²éѯ¹ý³ÌÖз¢ÉúÍ߽⣬Cisco ASAºÍFTDµÄSIP¼ì²éÒýÇæÖдæÔھܾø·þÎñ©¶´£¬ÆäCVSSÆÀ·Ö8.6 ¡£Î´¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìÉ豸·¢ËͶñÒâÖÆ×÷µÄSIPÁ÷Á¿À´ÀûÓôË©¶´£¬ÀÖ³ÉÀûÓôË©¶´µÄ¹¥»÷Õ߿ɵ¼ÖÂÊÜÓ°ÏìÉ豸Í߽ⲢÖØмÓÔØ ¡£

 

0x02 ´¦Öý¨Òé

Ä¿Ç°CiscoÒѾ­Ðû²¼ÁËCisco ASAºÍ FTDµÄÄþ¾²¸üУ¬½¨Òé²Î¿¼¹Ù·½Ðû²¼µÄÄþ¾²Í¨¸æ¼°Ê±ÐÞ¸´»òÉý¼¶ ¡£

CVE-2021-1402£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c

 

CVE-2021-1445¡¢CVE-2021-1504£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD

 

CVE-2021-1448£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT

 

CVE-2021-1493£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG

 

CVE-2021-1501£º

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC

 

ÏÂÔØÁ´½Ó£º

https://software.cisco.com/download/find

 

0x03 ²Î¿¼Á´½Ó

https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74594

https://tools.cisco.com/security/center/publicationListing.x

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD

 

0x04 ʱ¼äÏß

2021-04-28  CiscoÐû²¼Äþ¾²Í¨¸æ

2021-04-29  VSRCÐû²¼Äþ¾²Í¨¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö³ß¶È¹ÙÍø£ºhttp://www.first.org/cvss/

image.png