CVE-2020-3178

Name of the Vulnerable Software and Affected Versions Cisco Content Security Management Appliance (SMA) (affected versions not specified)

Description The issue is related to improper input validation of HTTP request parameters in the web-based GUI of Cisco AsyncOS Software, allowing an unauthenticated, remote attacker to redirect a user to a malicious web page. This is known as an open redirect attack, often used in phishing attacks to trick users into visiting malicious sites. An attacker could exploit this by intercepting and modifying an HTTP request to redirect a user to a specific malicious URL, potentially allowing the attacker to obtain sensitive browser-based information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.