CVE-2020-27130

Name of the Vulnerable Software and Affected Versions: Cisco Security Manager (affected versions not specified)

Description: The issue is related to improper validation of directory traversal character sequences within requests to an affected device, which could allow an unauthenticated, remote attacker to gain access to sensitive information. An attacker could exploit this by sending a crafted request to the affected device, potentially allowing them to download arbitrary files from the device.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.