CVE-2024-20353
Cisco Adaptive Security Appliance (ASA) vulnerability analysis and mitigation

Overview

A vulnerability (CVE-2024-20353) was discovered in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. The vulnerability was disclosed on April 24, 2024, and has been actively exploited in the wild as part of the ArcaneDoor campaign. This vulnerability affects various versions of Cisco ASA Software and FTD Software that have specific configurations enabled (Cisco Advisory).

Technical details

The vulnerability is due to incomplete error checking when parsing an HTTP header. It has a CVSS Base Score of 8.6 HIGH (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) and is classified as CWE-835 (Loop with Unreachable Exit Condition). To determine whether a device is affected, administrators can use the 'show asp table socket | include SSL' command to check for SSL listen sockets on any TCP port (Cisco Advisory).
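The command above returns raw socket-table lines, and on a large deployment an administrator will typically collect that output from many devices and want a machine-readable answer. The following Python snippet is an added example, not code from Cisco or from the original report: it parses saved 'show asp table socket' output and reports any SSL sockets in the LISTEN state, which is the condition the advisory tells administrators to look for. The sample output embedded in the script is constructed for this example; the column layout follows the command's format, but every socket handle, address and port is made up.

```python
from typing import NamedTuple

# Constructed sample of `show asp table socket` output. The column layout
# (Protocol, Socket, State, Local Address, Foreign Address) mirrors the
# real command, but all handles, addresses and ports are invented.
SAMPLE_OUTPUT = """\
Protocol  Socket    State      Local Address                Foreign Address
SSL       0002a2d3  LISTEN     192.0.2.1:443                0.0.0.0:*
SSL       0002a3f8  LISTEN     198.51.100.1:8443            0.0.0.0:*
TCP       0002a4a0  LISTEN     192.0.2.1:22                 0.0.0.0:*
SSL       0002b110  ESTAB      192.0.2.1:443                203.0.113.7:51234
"""


class SslListener(NamedTuple):
    """One SSL socket in LISTEN state: the local address and TCP port it is bound to."""
    address: str
    port: int


def parse_ssl_listeners(output: str) -> list[SslListener]:
    """Return every SSL listen socket found in `show asp table socket` output.

    Lines are split on whitespace; the header row and any line with fewer than
    five columns are ignored, as are non-SSL protocols and non-LISTEN states
    (an ESTAB entry is an existing session, not an exposed listener).
    """
    listeners: list[SslListener] = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        proto, _socket, state, local, _foreign = fields[:5]
        if proto != "SSL" or state != "LISTEN":
            continue
        # rpartition keeps bracketed IPv6 literals intact ("[2001:db8::1]:443").
        addr, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        listeners.append(SslListener(addr, int(port)))
    return listeners


def exposes_ssl_listener(output: str) -> bool:
    """True when the device has at least one SSL listen socket, i.e. the
    configuration the advisory identifies as affected."""
    return bool(parse_ssl_listeners(output))


def summarize(output: str) -> str:
    """Human-readable one-line verdict plus the listeners found."""
    found = parse_ssl_listeners(output)
    if not found:
        return "no SSL listen sockets: configuration not affected"
    ports = ", ".join(f"{l.address}:{l.port}" for l in found)
    return f"SSL listen sockets present ({ports}): review advisory and upgrade"


if __name__ == "__main__":
    # Run against the constructed sample; in practice feed in captured CLI output.
    print(summarize(SAMPLE_OUTPUT))
```

In practice the captured output would come from a configuration-management or inventory tool rather than the embedded sample; the parser only needs the socket-table lines, so piping the full 'show asp table socket' output (without the '| include SSL' filter) works as well, since non-SSL rows are skipped.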

Impact

Successful exploitation of this vulnerability allows an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This can lead to service disruption and potential system unavailability (NVD, Cisco Advisory).

Mitigation and workarounds

Cisco has released software updates that address this vulnerability. There are no workarounds available. Organizations are strongly encouraged to upgrade to the fixed software versions and monitor system logs for indicators of undocumented configuration changes, unscheduled reboots, and anomalous credential activity (Cisco Advisory).

Community reactions

Multiple government security agencies have collaborated in the investigation of this vulnerability, including the Australian Signals Directorate's Australian Cyber Security Centre, the Canadian Centre for Cyber Security, the UK's National Cyber Security Centre (NCSC), and the U.S. Cybersecurity & Infrastructure Security Agency (CISA). CISA has added this vulnerability to its Known Exploited Vulnerabilities Catalog with a remediation date of May 1, 2024 (Cisco Advisory).

Source: This report was generated using AI.
