The authentication would need to be done by an unsuspecting third party, aka Session Fixation. Current DescriptionĪ vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco An圜onnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish an authenticated An圜onnect session through an affected device running ASA or FTD Software. It is awaiting reanalysis which may result in further changes to the information provided. This vulnerability has been modified since it was last analyzed by the NVD.
0 kommentar(er)
