id: CVE-2020-3187

info:
  name: CVE-2020-3187
  author: KareemSe1im
  severity: high
  description: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.
  reference:
    - https://twitter.com/aboul3la/status/1286809567989575685
    - http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43
  tags: cve,cve2020,cisco

requests:
  - method: GET
    path:
      - "{{BaseURL}}/+CSCOE+/session_password.html"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - webvpn
          - Webvpn
        part: header

      - type: status
        status:
          - 200