⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2020-3452Improper Input Validation in Cisco Adaptive Security Appliance Software

CWE-20Improper Input ValidationCWE-22Path Traversal36 documents11 sources
Severity
7.5HIGHNVD
EPSS
94.5%
top < 0.01%
CISA KEV
KEV
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
3
Cisco Adaptive Security Appliance SoftwareCisco Adaptive Security Appliance SoftwareCisco Firepower Threat Defense
Timeline
PublishedJul 22
KEV addedNov 3
KEV dueMay 3
Latest updateNov 17
CISA Required Action: Apply updates per vendor instructions.

Description

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing director

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

CVEListV5cisco/cisco_adaptive_security_appliance_softwareunspecified9.6.4.42+5
NVDcisco/firepower_threat_defense6.2.36.2.3.16+4

🔴Vulnerability Details

3
GHSA
GHSA-q26c-r46f-6fcq: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software co2022-05-24
CVEList
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability2020-07-22
VulnCheck
Cisco ASA and FTD Read-Only Path Traversal Vulnerability2020

💥Exploits & PoCs

5
Exploit-DB
Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2)2020-12-15
Exploit-DB
Cisco ASA and FTD 9.6.4.42 - Path Traversal2020-10-12
Exploit-DB
Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion2020-07-28
Nuclei
Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion
Nuclei
Cisco ASA Security Checks

🔍Detection Rules

5
Suricata
ET EXPLOIT Cisco ASA and Firepower Path Traversal Vulnerability M2 (CVE-2020-3452)2021-10-27
Suricata
ET EXPLOIT Cisco ASA and Firepower Path Traversal Vulnerability M1 (CVE-2020-3452)2021-10-27
Suricata
ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M12020-07-23
Suricata
ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M22020-07-23
Suricata
ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M32020-07-23

📋Vendor Advisories

2
CISA
Cisco ASA and FTD Read-Only Path Traversal Vulnerability2021-11-03
Cisco
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability2020-07-22

💬Community

19
HackerOne
Unathenticated file read (CVE-2020-3452)2023-11-17
HackerOne
[CVE-2020-3452] Unauthenticated file read in Cisco ASA2022-05-12
HackerOne
[CVE-2020-3452] Unauthenticated file read in Cisco ASA2022-05-12
HackerOne
[CVE-2020-3452] on ███████2022-04-07
HackerOne
CVE-2020-3452 on https://█████/2022-03-18
CVE-2020-3452 — Improper Input Validation in Cisco | cvebase