Cisco Secure Firewall ASA and FTD Software SAML Reflected Cross-Site Scripting Vulnerability

Vulnerability

A reflected cross-site scripting (XSS) vulnerability has been identified in the SAML 2.0 single sign-on feature of Cisco Secure Firewall ASA and Threat Defense (FTD) Software. It allows an unauthenticated, remote attacker to abuse the SAML feature and access sensitive browser-based information. The issue arises from inadequate input validation of several HTTP parameters; an attacker exploits it by persuading a user to click on a malicious link.

Impact

Exploitation of this vulnerability allows for a reflected cross-site scripting attack, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Remediation

Cisco has released software updates to address this vulnerability. For instructions on upgrading Cisco Secure FTD devices, refer to the Cisco Secure FMC upgrade guide. To determine the best release to upgrade to, consult the Cisco Software Checker or the Recommended Releases documents for Cisco Secure Firewall ASA or Threat Defense.

Added: Mar 4, 2026, 6:38 PM
Updated: Mar 4, 2026, 6:38 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.3
exploitability: 5.8
remediation: 7.7
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.