Signature Detail

Short Name	HTTP:CISCO:ASA-VPN-SEC-BYPASS
Severity	High
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Cisco ASA SSL WebVPN Security Bypass
Release Date	2015/07/20
Update Number	2517
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Cisco ASA SSL WebVPN Security Bypass

This signature detects attempts to exploit a known vulnerability against Cisco ASA SSL WebVPN. Attackers can bypass security authentications which could lead to further attacks.

References

CVE: CVE-2014-3393
URL: http://breenmachine.blogspot.ca/2014/10/cisco-asa-ssl-vpn-backdoor-poc-cve-2014.html
URL: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Cisco ASA SSL WebVPN Security Bypass

References