nuclei-templates/cves/2020/CVE-2020-3187.yaml

id: CVE-2020-3187

info:
  name: CVE-2020-3187
  author: KareemSe1im
  severity: critical
  description: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.
  reference:
    - https://twitter.com/aboul3la/status/1286809567989575685
    - http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43
  tags: cve,cve2020,cisco
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    cvss-score: 9.10
    cve-id: CVE-2020-3187
    cwe-id: CWE-22

requests:
  - method: GET
    path:
      - "{{BaseURL}}/+CSCOE+/session_password.html"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - webvpn
          - Webvpn
        part: header

      - type: status
        status:
          - 200
misc changes 2021-01-02 04:56:15 +00:00			`id: CVE-2020-3187`
Adding Cisco ASA/FTD Unauthenticated Arbitrary File Deletion - CVE-2020-3187 2020-07-25 01:53:21 +00:00
			`info:`
			`name: CVE-2020-3187`
			`author: KareemSe1im`
Added cve annotations + severity adjustments 2021-09-10 11:26:40 +00:00			`severity: critical`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00			`description: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.`
More ref 2021-03-16 15:18:54 +00:00			`reference:`
			`- https://twitter.com/aboul3la/status/1286809567989575685`
			`- http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html`
			`- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00			`tags: cve,cve2020,cisco`
Added cve annotations + severity adjustments 2021-09-10 11:26:40 +00:00			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N`
			`cvss-score: 9.10`
			`cve-id: CVE-2020-3187`
			`cwe-id: CWE-22`
Adding Cisco ASA/FTD Unauthenticated Arbitrary File Deletion - CVE-2020-3187 2020-07-25 01:53:21 +00:00
			`requests:`
			`- method: GET`
			`path:`
updating template 2020-07-25 06:57:30 +00:00			`- "{{BaseURL}}/+CSCOE+/session_password.html"`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00
updating template 2020-07-25 06:57:30 +00:00			`matchers-condition: and`
Adding Cisco ASA/FTD Unauthenticated Arbitrary File Deletion - CVE-2020-3187 2020-07-25 01:53:21 +00:00			`matchers:`
			`- type: word`
			`words:`
updating template 2020-07-25 06:57:30 +00:00			`- webvpn`
Update CVE-2020-3187.yaml 2020-07-25 07:05:19 +00:00			`- Webvpn`
updating template 2020-07-25 06:57:30 +00:00			`part: header`

			`- type: status`
			`status:`
			`- 200`