Multiple vulnerabilities have been discovered in Cisco Products, the most severe of which could allow for directory traversal attacks. Cisco is a vendor for IT, networking and cybersecurity solutions. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.
There is currently no reports of these vulnerabilities being exploited in the wild.
- Cisco Adaptive Security Appliance versions prior to 9.14
- Cisco Firepower Threat Defense versions prior to 6.6.0
Multiple vulnerabilities have been discovered in Cisco Products, the most severe of which could allow for directory traversal attacks. This vulnerability can be exploited by sending a crafted HTTP request containing directory traversal character sequences. Details of the vulnerabilities are as follows:
- CVE-2020-3187: Path traversal attack
- CVE-2020-3125: insufficient identity verification of the Kerberos key distribution center leads to authentication bypass
- CVE-2020-3259: buffer tracking issue when the software parses invalid URLs, allows for attacker to retrieve memory contents
- CVE-2020-3254: inefficient memory management, Denial of Service
- CVE-2020-3196: improper resource management for inbound SSL/TLS connections ,Denial of Service
- CVE-2020-3298: improper memory protection mechanisms while processing certain OSPF packets ,Denial of Service
- CVE-2020-3191: incorrect processing of certain OSPF packets leads to memory leak, Denial of Service
- CVE-2020-3195: incorrect processing of certain OSPF packets ,Denial of Service
Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.
- After appropriate testing, immediately apply the patches or mitigations provided by Cisco to vulnerable systems.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Remind users not to visit websites or follow links provided by unknown or untrusted sources.
- Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments especially from un-trusted sources.
- Apply the Principle of Least Privilege to all systems and services.