Details of VAR-202007-1057

ID

VAR-202007-1057

CVE

CVE-2020-3452

TITLE

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Input verification vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-008187

DESCRIPTION

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. The Cisco ASA series is a series of customized solutions for security equipment launched by Cisco. It integrates advanced security and VPN services to protect business communications and organizations of all sizes from cyber threats. Cisco has a variety of arbitrary file reading vulnerabilities, which can be exploited by attackers to obtain sensitive information. The platform provides features such as highly secure access to data and network resources

Trust: 2.34

sources: NVD: CVE-2020-3452 // JVNDB: JVNDB-2020-008187 // CNVD: CNVD-2020-51264 // VULHUB: VHN-181577 // VULMON: CVE-2020-3452

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-51264

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.9	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.5.0.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.8.4.20	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.6.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.6.4.42	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.6	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.2.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.9.2.74	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.13.1.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.2.3.16	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.14.1.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.10.1.42	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.12.3.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.6.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	gte	version:	9.6,<9.6.4.42	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	gte	version:	9.8,<9.8.4.20	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	gte	version:	9.9,<9.9.2.74	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	gte	version:	9.10,<9.10.1.42	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	gte	version:	9.12,<9.12.3.12	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	gte	version:	9.13,<9.13.1.10	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	gte	version:	9.14,<9.14.1.10	Trust: 0.6

sources: CNVD: CNVD-2020-51264 // JVNDB: JVNDB-2020-008187 // NVD: CVE-2020-3452

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3452
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3452
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-008187
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-51264
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202007-1378
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181577
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-3452
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-3452
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-008187
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-51264
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-181577
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3452
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	JVNDB-2020-008187
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-51264 // VULHUB: VHN-181577 // VULMON: CVE-2020-3452 // JVNDB: JVNDB-2020-008187 // CNNVD: CNNVD-202007-1378 // NVD: CVE-2020-3452 // NVD: CVE-2020-3452

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.9
problemtype:	CWE-22	Trust: 1.1

sources: VULHUB: VHN-181577 // JVNDB: JVNDB-2020-008187 // NVD: CVE-2020-3452

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-1378

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202007-1378

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-008187

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-181577

PATCH

title:	cisco-sa-asaftd-ro-path-KJuQhB86	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86	Trust: 0.8
title:	Patches for arbitrary file reading vulnerabilities in CiscoASA series	url:	https://www.cnvd.org.cn/patchInfo/show/233428	Trust: 0.6
title:	Cisco Firepower Threat Defense and Adaptive Security Appliances Software Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124790	Trust: 0.6
title:	Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-ro-path-KJuQhB86	Trust: 0.1
title:	CVE-2020-3452	url:	https://github.com/foulenzer/CVE-2020-3452	Trust: 0.1
title:	CVE-2020-3452	url:	https://github.com/Aviksaikat/CVE-2020-3452	Trust: 0.1
title:	CVE-2020-3452	url:	https://github.com/bn9r/cve-2020-3452	Trust: 0.1
title:	CVE-2020-3452	url:	https://github.com/foulenzer/cve-2020-3452	Trust: 0.1
title:	Checker CVE-2020-3452	url:	https://github.com/MrCl0wnLab/checker-cve2020-3452	Trust: 0.1
title:	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability CVE-2020-3452	url:	https://github.com/fuzzlove/Cisco-ASA-FTD-Web-Services-Traversal	Trust: 0.1
title:	https://github.com/grim3/CVE-2020-3452	url:	https://github.com/grim3/CVE-2020-3452	Trust: 0.1
title:	Exploit CISCO Remove File Via session_password.html	url:	https://github.com/dinhbaouit/CISCO-Remove-File	Trust: 0.1
title:	Cisco-CVE-2020-3452-checker	url:	https://github.com/faisalfs10x/Cisco-CVE-2020-3452-checker	Trust: 0.1
title:	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability CVE-2020-3452	url:	https://github.com/drizzt-do-urden-da-drow/CISCO	Trust: 0.1
title:	CVE-2020-3452-Exploit	url:	https://github.com/3ndG4me/CVE-2020-3452-Exploit	Trust: 0.1
title:	CVE-2020-3452-Exploit	url:	https://github.com/iveresk/cve-2020-3452	Trust: 0.1
title:	https://github.com/mr-r3b00t/CVE-2020-3452	url:	https://github.com/mr-r3b00t/CVE-2020-3452	Trust: 0.1
title:	http-vuln-cve2020-3452.nse	url:	https://github.com/Gh0st0ne/http-vuln-cve2020-3452.nse	Trust: 0.1
title:	Enum Cisco ASA via CVE-2020-3452 and download files Convert Lua byte code using unluac	url:	https://github.com/Veids/CVE-2020-3452_auto	Trust: 0.1
title:	CVE-2020-3452	url:	https://github.com/XDev05/CVE-2020-3452-PoC	Trust: 0.1
title:	dirty-scripts	url:	https://github.com/faisalfs10x/dirty-scripts	Trust: 0.1
title:	https://github.com/Liger0898/Liger0898	url:	https://github.com/Liger0898/Liger0898	Trust: 0.1

sources: CNVD: CNVD-2020-51264 // VULMON: CVE-2020-3452 // JVNDB: JVNDB-2020-008187 // CNNVD: CNNVD-202007-1378

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3452	Trust: 3.2
db:	PACKETSTORM	id:	160497	Trust: 1.7
db:	PACKETSTORM	id:	158647	Trust: 1.7
db:	PACKETSTORM	id:	158646	Trust: 1.7
db:	PACKETSTORM	id:	159523	Trust: 1.7
db:	JVNDB	id:	JVNDB-2020-008187	Trust: 0.8
db:	EXPLOIT-DB	id:	48871	Trust: 0.7
db:	EXPLOIT-DB	id:	48722	Trust: 0.7
db:	CNNVD	id:	CNNVD-202007-1378	Trust: 0.7
db:	CNVD	id:	CNVD-2020-51264	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2522.4	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2522.5	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2522	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2522.2	Trust: 0.6
db:	NSFOCUS	id:	47633	Trust: 0.6
db:	NSFOCUS	id:	49091	Trust: 0.6
db:	EXPLOIT-DB	id:	49262	Trust: 0.1
db:	SEEBUG	id:	SSVID-98295	Trust: 0.1
db:	VULHUB	id:	VHN-181577	Trust: 0.1
db:	VULMON	id:	CVE-2020-3452	Trust: 0.1

sources: CNVD: CNVD-2020-51264 // VULHUB: VHN-181577 // VULMON: CVE-2020-3452 // JVNDB: JVNDB-2020-008187 // CNNVD: CNNVD-202007-1378 // NVD: CVE-2020-3452

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-ro-path-kjuqhb86	Trust: 2.3
url:	http://packetstormsecurity.com/files/158646/cisco-asa-ftd-remote-file-disclosure.html	Trust: 2.3
url:	http://packetstormsecurity.com/files/158647/cisco-adaptive-security-appliance-software-9.11-local-file-inclusion.html	Trust: 2.3
url:	http://packetstormsecurity.com/files/159523/cisco-asa-ftd-9.6.4.42-path-traversal.html	Trust: 2.3
url:	http://packetstormsecurity.com/files/160497/cisco-asa-9.14.1.10-ftd-6.6.0.1-path-traversal.html	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3452	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3452	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cis	Trust: 0.6
url:	https://www.cnblogs.com/potatsosec/p/13364171.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2522.4/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2522.5/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2522.2/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/47633	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-asa-directory-traversal-via-http-requests-32899	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/49091	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2522/	Trust: 0.6
url:	https://www.exploit-db.com/exploits/48871	Trust: 0.6
url:	https://www.exploit-db.com/exploits/48722	Trust: 0.6

sources: CNVD: CNVD-2020-51264 // VULHUB: VHN-181577 // JVNDB: JVNDB-2020-008187 // CNNVD: CNNVD-202007-1378 // NVD: CVE-2020-3452

CREDITS

Freakyclown

Trust: 0.6

sources: CNNVD: CNNVD-202007-1378

SOURCES

db:	CNVD	id:	CNVD-2020-51264
db:	VULHUB	id:	VHN-181577
db:	VULMON	id:	CVE-2020-3452
db:	JVNDB	id:	JVNDB-2020-008187
db:	CNNVD	id:	CNNVD-202007-1378
db:	NVD	id:	CVE-2020-3452

LAST UPDATE DATE

2024-08-14T13:24:22.185000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-51264	date:	2020-09-10T00:00:00
db:	VULHUB	id:	VHN-181577	date:	2022-09-20T00:00:00
db:	VULMON	id:	CVE-2020-3452	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2020-008187	date:	2020-09-04T00:00:00
db:	CNNVD	id:	CNNVD-202007-1378	date:	2022-09-21T00:00:00
db:	NVD	id:	CVE-2020-3452	date:	2024-02-21T20:57:31.090

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-51264	date:	2020-07-27T00:00:00
db:	VULHUB	id:	VHN-181577	date:	2020-07-22T00:00:00
db:	VULMON	id:	CVE-2020-3452	date:	2020-07-22T00:00:00
db:	JVNDB	id:	JVNDB-2020-008187	date:	2020-09-04T00:00:00
db:	CNNVD	id:	CNNVD-202007-1378	date:	2020-07-22T00:00:00
db:	NVD	id:	CVE-2020-3452	date:	2020-07-22T20:15:11.970