Description
During the scan, Cytrix has managed to find CISCO Path Traversal (CVE-2020-3452) vulnerability.
A read-only path traversal vulnerability in the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software – CVE-2020-3452.
An attacker could perform directory traversal attacks which enables him to read sensitive files located on the targeted systems.
Severity/Score
CVSS Version 3.x – 7.5 High
Recommendation
To prevent it, make sure that all the softwares you’re using are updated to the latest version released by CISCO.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86
https://cwe.mitre.org/data/definitions/20.html
https://cwe.mitre.org/data/definitions/22.html