claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2020-3580-cisco-adaptive-security-appliance-asa-and-firepower-threat-defense-ftd.log

CVE-2020-3580 — Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability

2021-11-03 • CISA Known Exploited Vulnerability

[event] Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.

> AFFECTED SOFTWARE

Field Value
Vendor Cisco
Product Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CWE CWE-79
CVE ID CVE-2020-3580
Date Added 2021-11-03
Due Date 2022-05-03
Ransomware Campaign Known — this vulnerability has been leveraged in ransomware campaigns

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-05-03

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:15 UTC