[Upcoming Session] 2024 Mid-Year Attacks & Trends. Join us August 1st.
Register
Skip to main content
On-Demand Webinar

Unauthenticated Path Traversal - CVE-2020-3452

Threats + Use Case
On-Demand Webinar

Unauthenticated Path Traversal - CVE-2020-3452

Detection Strategies

Description

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software(CVE-2020-3452) could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.

References

Request Access to Use Case Repository

Categories

Initial Access

Exploit Public-Facing Application

Splunk

Get the Latest Resources

Leave Your Data Where You Want: Detect Across Snowflake

Demo Series
Leave Your Data Where You Want: Detect Across Snowflake
Watch

MonteAI: Your Detection Engineering & Threat Hunting Co-Pilot

Demo Series
MonteAI: Your Detection Engineering & Threat Hunting Co-Pilot
Watch
Break Free from SIEM Lock-in
Get the latest news, blog posts and threat reports
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
By submitting this form, you agree to our Terms of Use
and acknowledge our Privacy Statement.
Product
PlatformIntegrations
Learn
BlogResourcesThreat ResearchDetection DispatchWebinarsCustomersSolution GuidesWhite PapersData Sheets
Customer Resources
Log InRelease NotesKnowledge Base
Company
About UsCareersContact Us
Facebook
Twitter
Linkedin
© 2024 Anvilogic. All Rights Reserved.
[Upcoming Session] 2024 Mid-Year Attacks & Trends. Join us August 1st.
Register
Skip to main content
White Paper

Unauthenticated Path Traversal - CVE-2020-3452

Threats + Use Case
Break Free from SIEM Lock-in
Get the latest news, blog posts and threat reports
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
By submitting this form, you agree to our Terms of Use
and acknowledge our Privacy Statement.
Product
PlatformIntegrations
Learn
BlogResourcesThreat ResearchDetection DispatchWebinarsCustomersSolution GuidesWhite PapersData Sheets
Customer Resources
Log InRelease NotesKnowledge Base
Company
About UsCareersContact Us
Facebook
Twitter
Linkedin
© 2024 Anvilogic. All Rights Reserved.
[Upcoming Session] 2024 Mid-Year Attacks & Trends. Join us August 1st.
Register
Skip to main content
April 20, 2021

Unauthenticated Path Traversal - CVE-2020-3452

Threats + Use Case

Description

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software(CVE-2020-3452) could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.

References

Request Access to Use Case Repository

Categories

Initial Access

Exploit Public-Facing Application

Splunk

Break Free from SIEM Lock-in

Break Free from SIEM Lock-in

Book a Demo