{"cve_id":"CVE-2020-3452","summary":"A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"epss":0.94452,"ranking_epss":0.99992,"kev":true,"propose_action":"Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html","http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html","http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html","http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3452"],"published_time":"2020-07-22T20:15:11","cpes":["cpe:2.3:a:cisco:firepower_threat_defense:6.2.3","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.0","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5","cpe:2.3:a:cisco:fire
power_threat_defense:6.2.3.6","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8","cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9","cpe:2.3:a:cisco:firepower_threat_defense:6.3.0","cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.1","cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.2","cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.3","cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.4","cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.5","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8","cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9","cpe:2.3:a:cisco:firepower_threat_defense:6.5.0","cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.1","cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.2","cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.3","cpe:2.3:a:cisco:firepower_threat_defense:6.5.0.4","cpe:2.3:a:cisco:firepower_threat_defense:6.6.0","cpe:2.3:h:cisco:asa_5505:-","cpe:2.3:h:cisco:asa_5510:-","cpe:2.3:h:cisco:asa_5512-x:-","cpe:2.3:h:cisco:asa_5515-x:-","cpe:2.3:h:cisco:asa_5520:-","cpe:2.3:h:cisco:asa_5525-x:-","cpe:2.3:h:cisco:asa_5540:-","cpe:2.3:h:cisco:asa_5545-x:-","cpe:2.3:h:cisco:asa_5550:-","cpe:2.3:h:cisco:asa_5555-x:-","cpe:2.3:h:cisco:asa_5580:-","cpe:2.3:h:cisco:asa_5585-x:-","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.0","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.10","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.11","cpe:2.3:o:cisco:adaptive_sec
urity_appliance_software:9.10.1.17","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.22","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.27","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.30","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.32","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.37","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.40","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1.7","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.0","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.6","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.4","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.5","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.7","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1
","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(1)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(2)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3)11","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3)12","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3)14","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3)17","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3)3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3)8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3)9","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(3.1)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(4)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(4)3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(4)5","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(4)6","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(4)8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(4.4)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6(43)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.0","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.0.0","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1(11)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.10","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.5","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.11","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.13","cpe:2.3:o:cisco:adaptive_security_appliance_so
ftware:9.6.2.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.22","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.23","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.7","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.9","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.11","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.12","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.14","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.17","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.20","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3.9","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.10","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.12","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.14","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.17","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.18","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.20","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.22","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.23","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.24","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.25","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.29","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.30","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.31","cpe:2.3:o:cisc
o:adaptive_security_appliance_software:9.6.4.34","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.35","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.36","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.40","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.41","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.5","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.6","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4.8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(0.56)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(1)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(1.200)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(1.245)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2)14","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2)17","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2)20","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2)24","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2)26","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2)28","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2)8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2.12)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2.15)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(2.21)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8(3)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.0","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.0.0","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2","cpe:2.3:o:cisco:adaptive_security_appliance_softw
are:9.8.2.14","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.45","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.9","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9(1)","cpe:2.3:o:cisco:adap
tive_security_appliance_software:9.9(1.77)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9(2)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9(2)1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9(28)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.0","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.0.0","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1(1)","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.3","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.4","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1.5","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.1","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.14","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.18","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.25","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.27","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.32","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.36","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.40","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.47","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.50","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.52","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.56","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.59","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.61","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.66","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.67","cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.2.9"]}