Cisco Bug: CSCun78551 - Cisco ASA Information Disclosure Vulnerability

Last Modified

Feb 07, 2020

Products (1)

Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.1(1)

Description (partial)

Symptom:
An unprivileged user could access information on the ASA filesystem. This includes running configuration if stored on the flash or disk

Conditions:
This happens in single or multi context, however when in multi context only user from the admin context could exploit this issue.

The attacker needs to have valid credentials, however any privilege level associated with that credential can cause the issue. For example privilege 0 or 1

View Bug Details in Bug Search Tool Login Required

Why Is Login Required?

Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

Full Description (including symptoms, conditions and workarounds)
Status
Severity
Known Fixed Releases
Related Community Discussions
Number of Related Support Cases

Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.

Learn More About Cisco Service Contracts