← voltar
CVE-2020-3452

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability

CVSS 7.5 HIGHEPSS 100.0%● KEVCWE-20
Em resumo

Uma falha nos serviços web do Cisco ASA e FTD permite que atacantes leiam arquivos através de solicitações web especialmente preparadas. Isso é importante porque informações sensíveis armazenadas na área de serviço web podem ser expostas sem necessidade de autenticação.

Detalhe técnico

Vulnerabilidade de travessia de diretórios no processamento de URLs de requisições HTTP dos serviços web do Cisco ASA e FTD, explorável remotamente sem autenticação quando WebVPN ou AnyConnect estão configurados. Falta de validação adequada de entrada em sequências de travessia de diretórios permite acesso a arquivos arbitrários do sistema de arquivos de serviços web; impacto restrito ao escopo de serviços web, não alcançando arquivos do sistema operacional.

Resumo gerado e traduzido por IA a partir da descrição oficial.
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
Cisco · Cisco Adaptive Security Appliance (ASA) Software
PoCs públicas encontradas30
githubgithub.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter99githubgithub.com/cygenta/CVE-2020-345226githubgithub.com/PR3R00T/CVE-2020-3452-Cisco-Scanner25githubgithub.com/3ndG4me/CVE-2020-3452-Exploit24githubgithub.com/0x5ECF4ULT/CVE-2020-345224githubgithub.com/murataydemir/CVE-2020-34527githubgithub.com/fuzzlove/Cisco-ASA-FTD-Web-Services-Traversal6githubgithub.com/grim3/CVE-2020-34524githubgithub.com/foulenzer/CVE-2020-34523githubgithub.com/faisalfs10x/Cisco-CVE-2020-3452-shodan-scanner2githubgithub.com/XDev05/CVE-2020-3452-PoC2githubgithub.com/Loneyers/cve-2020-34522githubgithub.com/Cappricio-Securities/CVE-2020-34521githubgithub.com/paran0id34/CVE-2020-34521githubgithub.com/ludy-dev/Cisco-ASA-LFI1githubgithub.com/Aviksaikat/CVE-2020-34521githubgithub.com/mr-r3b00t/CVE-2020-34520githubgithub.com/Gh0st0ne/http-vuln-cve2020-3452.nse0githubgithub.com/sujaygr8/CVE-2020-34520githubgithub.com/Veids/CVE-2020-3452_auto0githubgithub.com/iveresk/cve-2020-34520githubgithub.com/abrewer251/CVE-2020-3452_Cisco_ASA_PathTraversal0githubgithub.com/curtishoughton/CVE-2020-3452-Cisco-Python-Scanner0exploitdbwww.exploit-db.com/exploits/48722não verificadocve_referencepacketstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.htmlnão verificadocve_referencepacketstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.htmlnão verificadocve_referencepacketstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/49262não verificadocve_referencepacketstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/48871não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.htmlhttp://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.htmlhttp://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.htmlhttp://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.htmlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3452