Skip to main content

Single single-sign-on SNAFU threatens three Cisco products

posted onApril 23, 2018
by l33tdawg
cisco
Credit: cisco

Cisco has announced a suite of patches against a bug in its Security Assertion Markup Language (SAML) implementation.

As is so often the case with a language slip, the bug is inherited by multiple products. In the case of CVE-2018-0229, the affected systems are:

  •     Single sign-on authentication for the AnyConnect desktop mobility client;
  •     Adaptive Security Appliance (ASA) software; and
  •     Firepower Threat Defense (FTD) software.

Cisco's advisory said the bug provided a vector for an attacker to access ASA or FTD software, if they tricked someone into connecting to the security appliances.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th