Guest

Preview Tool

Cisco Bug: CSCun78551 - Cisco ASA Information Disclosure Vulnerability

Last Modified

Feb 07, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.1(1)

Description (partial)

Symptom:
An unprivileged user could access information on the ASA filesystem. This includes running configuration if stored on the flash or disk

Conditions:
This happens in single or multi context, however when in multi context only user from the admin context could exploit this issue.

The attacker needs to have valid credentials, however any privilege level associated with that credential can cause the issue. For example privilege 0 or 1
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.