Vulnerable product:
Сisco ASA and Cisco FTD
Severity:
Severity level: High
Impact: Path Traversal vulnerability in Cisco ASA and Cisco FTD
Access Vector: Remote
Base 7.5
CVE: CVE-2020-14622
Vulnerability description:
A vulnerability in Cisco ASA and Cisco FTD allows attackers to read some WebVPN-related files, which may contain sensitive information like WebVPN configuration data of Cisco ASA users, bookmarks, cookies, web content, and HTTP URLs.
Advisory status:
February 13, 2020 - Vendor notification date
July 22, 2020 - Security advisory publication date (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86)
Credits:
The vulnerability was discovered by Mikhail Klyuchnikov, Positive Technologies
Identifier:
CVE-2020-14622
Vendor:
Cisco
Vulnerable product:
Cisco ASA, Cisco FTD
Get in touch
Fill in the form and our specialists
will contact you shortly
will contact you shortly