The version of Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software running on the remote web server is affected by a cross-site scripting vulnerability. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user’s browser session.
Please see the included Cisco BID and Cisco Security Advisory for more information.
Binary data cisco_asa_cve-2020-3580.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | firepower_threat_defense | cpe:/o:cisco:firepower_threat_defense | |
cisco | adaptive_security_appliance_software | cpe:/a:cisco:adaptive_security_appliance_software |