ID

VAR-202005-0685


CVE

CVE-2020-3187


TITLE

Path traversal vulnerability in Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software

Trust: 0.8

sources: JVNDB: JVNDB-2020-005187

DESCRIPTION

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system. The platform provides features such as highly secure access to data and network resources.

Trust: 1.8

sources: NVD: CVE-2020-3187 // JVNDB: JVNDB-2020-005187 // VULHUB: VHN-181312 // VULMON: CVE-2020-3187

AFFECTED PRODUCTS

vendor: cisco // model: firepower threat defense // scope: gte // version: 6.2.3

Trust: 1.0

vendor: cisco // model: asa 5505 // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.9.2.66

Trust: 1.0

vendor: cisco // model: asa 5512-x // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.10.1.37

Trust: 1.0

vendor: cisco // model: asa 5550 // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.12.3.2

Trust: 1.0

vendor: cisco // model: firepower threat defense // scope: lt // version: 6.5.0.4

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.13

Trust: 1.0

vendor: cisco // model: asa 5545-x // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.13.1.7

Trust: 1.0

vendor: cisco // model: firepower threat defense // scope: gte // version: 6.4.0

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.10

Trust: 1.0

vendor: cisco // model: firepower threat defense // scope: lt // version: 6.2.3.16

Trust: 1.0

vendor: cisco // model: firepower threat defense // scope: gte // version: 6.5.0

Trust: 1.0

vendor: cisco // model: asa 5585-x // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: asa 5520 // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.12

Trust: 1.0

vendor: cisco // model: asa 5555-x // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.6

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.9

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.8

Trust: 1.0

vendor: cisco // model: asa 5515-x // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: asa 5510 // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.8.4.15

Trust: 1.0

vendor: cisco // model: firepower threat defense // scope: lt // version: 6.3.0.6

Trust: 1.0

vendor: cisco // model: asa 5540 // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: asa 5580 // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: asa 5525-x // scope: eq // version: 9.6(4)

Trust: 1.0

vendor: cisco // model: firepower threat defense // scope: gte // version: 6.3.0

Trust: 1.0

vendor: cisco // model: firepower threat defense // scope: lt // version: 6.4.0.8

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.6.4.40

Trust: 1.0

vendor: cisco // model: asa 5505 // scope: - // version: -

Trust: 0.8

vendor: cisco // model: asa 5510 // scope: - // version: -

Trust: 0.8

vendor: cisco // model: asa 5512-x // scope: - // version: -

Trust: 0.8

vendor: cisco // model: asa 5515-x // scope: - // version: -

Trust: 0.8

vendor: cisco // model: asa 5520 // scope: - // version: -

Trust: 0.8

vendor: cisco // model: asa 5525-x // scope: - // version: -

Trust: 0.8

vendor: cisco // model: asa 5540 // scope: - // version: -

Trust: 0.8

vendor: cisco // model: asa 5545-x // scope: - // version: -

Trust: 0.8

vendor: cisco // model: asa 5550 // scope: - // version: -

Trust: 0.8

vendor: cisco // model: firepower threat defense software // scope: - // version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-005187 // NVD: CVE-2020-3187

CVSS

SEVERITY

nvd@nist.gov: CVE-2020-3187
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3187
value: CRITICAL

Trust: 1.0

NVD: JVNDB-2020-005187
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202005-206
value: CRITICAL

Trust: 0.6

VULHUB: VHN-181312
value: HIGH

Trust: 0.1

VULMON: CVE-2020-3187
value: HIGH

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2020-3187
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-005187
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181312
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2020-3187
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3187
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005187
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181312 // VULMON: CVE-2020-3187 // JVNDB: JVNDB-2020-005187 // CNNVD: CNNVD-202005-206 // NVD: CVE-2020-3187 // NVD: CVE-2020-3187

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

sources: VULHUB: VHN-181312 // JVNDB: JVNDB-2020-005187 // NVD: CVE-2020-3187

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-206

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202005-206

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005187

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-181312

PATCH

title: cisco-sa-asaftd-path-JE3azWw43 // url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43

Trust: 0.8

title: Cisco Firepower Threat Defense and Adaptive Security Appliances Software Repair measures for path traversal vulnerabilities // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117808

Trust: 0.6

title: Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability // url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-path-JE3azWw43

Trust: 0.1

title: CVE-2020-3187 // url: https://github.com/T4t4ru/CVE-2020-3187

Trust: 0.1

title: - // url: https://github.com/sunyyer/CVE-2020-3187-Scanlist

Trust: 0.1

title: CVE-2020-3187 // url: https://github.com/sujaygr8/CVE-2020-3187

Trust: 0.1

title: nuclei-templates // url: https://github.com/projectdiscovery/nuclei-templates

Trust: 0.1

title: supplier // url: https://github.com/r0eXpeR/supplier

Trust: 0.1

sources: VULMON: CVE-2020-3187 // JVNDB: JVNDB-2020-005187 // CNNVD: CNNVD-202005-206

EXTERNAL IDS

db: NVD // id: CVE-2020-3187

Trust: 2.6

db: PACKETSTORM // id: 158648

Trust: 1.7

db: JVNDB // id: JVNDB-2020-005187

Trust: 0.8

db: CNNVD // id: CNNVD-202005-206

Trust: 0.7

db: EXPLOIT-DB // id: 48723

Trust: 0.7

db: AUSCERT // id: ESB-2020.1615.2

Trust: 0.6

db: AUSCERT // id: ESB-2020.1615

Trust: 0.6

db: NSFOCUS // id: 47281

Trust: 0.6

db: CNVD // id: CNVD-2020-29598

Trust: 0.1

db: VULHUB // id: VHN-181312

Trust: 0.1

db: VULMON // id: CVE-2020-3187

Trust: 0.1

sources: VULHUB: VHN-181312 // VULMON: CVE-2020-3187 // JVNDB: JVNDB-2020-005187 // CNNVD: CNNVD-202005-206 // NVD: CVE-2020-3187

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-path-je3azww43

Trust: 1.7

url:http://packetstormsecurity.com/files/158648/cisco-adaptive-security-appliance-software-9.7-arbitrary-file-deletion.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-3187

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3187

Trust: 0.8

url:https://vigilance.fr/vulnerability/cisco-asa-directory-traversal-32195

Trust: 0.6

url:http://www.nsfocus.net/vulndb/47281

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1615/

Trust: 0.6

url:https://www.exploit-db.com/exploits/48723

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1615.2/

Trust: 0.6

sources: VULHUB: VHN-181312 // JVNDB: JVNDB-2020-005187 // CNNVD: CNNVD-202005-206 // NVD: CVE-2020-3187

CREDITS

0xmmnbassel

Trust: 0.6

sources: CNNVD: CNNVD-202005-206

SOURCES

db: VULHUB // id: VHN-181312
db: VULMON // id: CVE-2020-3187
db: JVNDB // id: JVNDB-2020-005187
db: CNNVD // id: CNNVD-202005-206
db: NVD // id: CVE-2020-3187

LAST UPDATE DATE

2024-08-14T13:24:33.867000+00:00


SOURCES UPDATE DATE

db: VULHUB // id: VHN-181312 // date: 2023-03-01T00:00:00
db: VULMON // id: CVE-2020-3187 // date: 2023-08-16T00:00:00
db: JVNDB // id: JVNDB-2020-005187 // date: 2020-06-09T00:00:00
db: CNNVD // id: CNNVD-202005-206 // date: 2020-07-30T00:00:00
db: NVD // id: CVE-2020-3187 // date: 2023-08-16T16:17:07.960

SOURCES RELEASE DATE

db: VULHUB // id: VHN-181312 // date: 2020-05-06T00:00:00
db: VULMON // id: CVE-2020-3187 // date: 2020-05-06T00:00:00
db: JVNDB // id: JVNDB-2020-005187 // date: 2020-06-09T00:00:00
db: CNNVD // id: CNNVD-202005-206 // date: 2020-05-06T00:00:00
db: NVD // id: CVE-2020-3187 // date: 2020-05-06T17:15:12.087