CVE-2020-3547
Cisco AsyncOS software on ESA, SMA, and WSA exposes an information-disclosure vulnerability in the web-based management interface due to an insecure method for masking passwords in HTML. An authenticated, remote attacker connected to the management interface could view the raw HTML and potentiall...