Security News > 2020 > May > Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA

Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA
2020-05-07 18:43

Specifically affected is Cisco's Firepower Threat Defense software, which is part of its suite of network security and traffic management products; and its Adaptive Security Appliance software, the operating system for its family of ASA corporate network security devices.

The most severe flaw exists in the web service interfaces for ASA software and FTD software.

Cisco fixed seven other high-severity flaws in its ASA and FTD software, including one in the Kerberos authentication feature of ASA. Kerberos is a common authentication protocol for on-premise authentication, used in many ASA interfaces.

Other FTD software flaws include DoS flaws in the packet processing functionality and in the generic routing encapsulation tunnel, and a DoS flaw in the Secure Sockets Layer or Transport Layer Security handler of FTD software when running on Cisco Firepower 1000 Series appliances.

Overall, Cisco issued 34 patches on Wednesday including 12 high severity flaws and 22 medium severity glitches.


News URL

https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1771 1669 288 3749