On April 11, 2019, CERT/CC published a vulnerability note (VU#192371) describing a vulnerability in how different VPN implementations store session cookies within system memory.
Cisco investigated this issue and determined Cisco AnyConnect is not vulnerable to the behavior described in VU#192371 with regard to storing session tokens in log files. Cisco PSIRT is not aware of any situation where a currently valid session token is written to log files. This is documented in Cisco Bug ID CSCvk10249.
Cisco AnyConnect stores session cookies within system memory to support resumption of Clientless VPN sessions. The storage of the session cookie within the process memory of the client and, in the case of Clientless sessions, the web browser while the sessions are active is not considered to be an unwarranted exposure. These values are required to maintain the operation of the session, per the design of the feature, should session re-establishment be required due to network interruption. We have documented the concerns, and the engineering teams will incorporate this feedback into discussions for future design improvements of the Cisco AnyConnect VPN solution.
It should also be noted that all session material stored by both the Cisco AnyConnect Client and Clientless solutions is destroyed once the session is deliberately terminated by the client.