CVE-2020-3187

CRITICAL
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system.

References

http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43

Details

Source: MITRE

Published: 2020-05-06

Updated: 2020-07-29

Type: CWE-22

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Impact Score: 5.2

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*

cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*

cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*

cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*

Configuration 2

AND

OR

cpe:2.3:o:cisco:asa_5505_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*

Configuration 3

AND

OR

cpe:2.3:o:cisco:asa_5510_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:cisco:asa_5512-x_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*

Configuration 5

AND

OR

cpe:2.3:o:cisco:asa_5515-x_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:o:cisco:asa_5520_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:cisco:asa_5525-x_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:cisco:asa_5540_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:cisco:asa_5545-x_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*

Configuration 10

AND

OR

cpe:2.3:o:cisco:asa_5550_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*

Configuration 11

AND

OR

cpe:2.3:o:cisco:asa_5555-x_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*

Configuration 12

AND

OR

cpe:2.3:o:cisco:asa_5580_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*

Configuration 13

AND

OR

cpe:2.3:o:cisco:asa_5585-x_firmware:9.6\(4\):*:*:*:*:*:*:*

OR

cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*

Configuration 14

OR

cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

Tenable Plugins

View all (3 total)

IDNameProductFamilySeverity
136915Cisco Firepower Threat Defense Software Web Services Path Traversal (cisco-sa-asaftd-path-JE3azWw43)NessusCISCO
critical
136914Cisco Adaptive Security Appliance Software Web Services Path Traversal (cisco-sa-asaftd-path-JE3azWw43)NessusCISCO
critical
720319Rockwell Automation Stratix 5950 Industrial EtherNet/IP Security Appliance <= 16.4 Directory Traversal AttackNessus Network MonitorSCADA
critical