Description
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system.
Remediation
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
References
Related Vulnerabilities
Ruby Improper Input Validation Vulnerability (CVE-2015-7551)
WordPress 'wp-admin/options.php' Remote Code Execution Vulnerability (0.6.2 - 2.3.2)
PHP Improper Input Validation Vulnerability (CVE-2016-4537)
WordPress Improper Input Validation Vulnerability (CVE-2011-4957)
Perl Improper Input Validation Vulnerability (CVE-2016-2381)