CISCO – Path Traversal (CVE-2020-3452)

Description

During the scan, Kayran found the Cisco path traversal vulnerability CVE-2020-3452.
This is a read-only path traversal vulnerability in the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.

An attacker could perform directory traversal attacks, which enable them to read sensitive files located on the targeted systems.

Severity/Score

CVSS Version 3.x – 7.5 High

Recommendation

To prevent it, make sure that all the software you're using is updated to the latest version released by Cisco.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86

https://cwe.mitre.org/data/definitions/20.html

https://cwe.mitre.org/data/definitions/22.html

