CVE STALKER

CVE-2020-3580

CVSS
DESCRIPTIONMultiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.
HEAT SCORE481

WORDS

TWEETS

DATE TWEETS USER
2021-07-28 02:50:06CVE-2020-3580 Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) So… https://t.co/1nomaZ3uHa https://twitter.com/i/web/status/1420214603791880194VulmonFeeds
2021-07-27 07:00:17So, get this. Reported a XSS due to CVE-2020-3580 in @Hacker0x01 was marked as duplicated. Other report is LFI due… https://t.co/ihLAinkQ79 https://twitter.com/i/web/status/1419914220662149132PhilippeDelteil
2021-07-20 02:10:03Nuclei just found me CVE-2020-3580, filled up the report and upon clicking submit a big alert box with "Yes, we alr… https://t.co/zbmbNGRZZ3 https://twitter.com/i/web/status/1417303589450657792foundbugs
2021-07-03 19:30:03CÓDIGO DE EXPLOTACIÓN PARA CVE-2020-3580, LA FALLA #XSS EN DISPOSITIVOS CISCO ES PUBLICADO EN LÍNEA. https://t.co/AeiWkWpowm https://buff.ly/3jmyH3egrevelo1
2021-07-02 11:20:17June 2021 - Updates! Highlight: Cisco ASA and FTD sofware XSS attacks - CVE-2020-3580 Unauthenticated, remote attac… https://t.co/hyL8BCxnq6 https://twitter.com/i/web/status/1410920533575802881IdappcomLtd
2021-07-01 14:31:11@Cisco ASA and FTD devices vulnerable to #CVE-2020-3580 are being actively targeted by threat actors https://t.co/TIfVZmDwDN https://therecord.media/cisco-devices-come-under-new-attacks-including-a-hacktivist-campaign/ericWadeFord
2021-07-01 09:21:22@NUKIB_CZ: Upozorňujeme na aktivní zneužívání starší zranitelnosti Cisco ASA (CVE-2020-3580) po nedávném vydání pro… https://t.co/T9S7p20UL0 https://twitter.com/i/web/status/1410526178801328128ceskoo_cz
2021-07-01 08:41:06Upozorňujeme na aktivní zneužívání starší zranitelnosti Cisco ASA (CVE-2020-3580) po nedávném vydání proof-of-conce… https://t.co/1wf7wD2Hfg https://twitter.com/i/web/status/1410516421730242564NUKIB_CZ
2021-07-01 08:40:56Upozorňujeme na aktivní zneužívání starší zranitelnosti Cisco ASA (CVE-2020-3580) po nedávném vydání proof-of-conce… https://t.co/IMlzH3RK3z https://twitter.com/i/web/status/1410516478089179139GOVCERT_CZ
2021-06-30 17:46:35Cisco security devices targeted with CVE-2020-3580 PoC exploit - https://t.co/onmUSKv6JM - @CiscoSecure @ptswarm… https://t.co/mKw4BCN0zz https://www.helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit/ https://twitter.com/i/web/status/1410289658525855745helpnetsecurity
2021-06-29 22:00:26#Cisco ASA/FTDs are being targeted after a #PoC has been posted for CVE-2020-3580 by @ptswarm. Cisco devices were a… https://t.co/pfazaafcSH https://twitter.com/i/web/status/1409992824767004683ArchinalLee
2021-06-29 16:40:06Cisco and researchers warn of active exploits against Cisco ASA XSS vulnerability (CVE-2020-3580). POC code also pu… https://t.co/P82vivUkMj https://twitter.com/i/web/status/1409913905476952067securezoo
2021-06-29 15:30:07https://t.co/XmHljvO0oO Cisco security devices targeted with CVE-2020-3580 PoC exploit Attackers and bug hunters ar… https://t.co/pkT1FniAfp https://news.freeptomaineradio.com/?p=107833 https://twitter.com/i/web/status/1409896406895185922KingNormies
2021-06-29 14:50:04Código de explotación para CVE-2020-3580, la falla #xss en dispositivos #Cisco es publicado en línea… https://t.co/9obHM0qHTa https://twitter.com/i/web/status/1409886607499481095Uno_Tic
2021-06-29 14:00:11Cisco security devices targeted with CVE-2020-3580 PoC exploit - https://t.co/3gQzdRbNvd #cybersecurity #cloud… https://t.co/f68a7Z2KoQ https://www.getinfosec.news/7250251/cisco-security-devices-targeted-with-cve-2020-3580-poc-exploit?via=tw https://twitter.com/i/web/status/1409872094435893264GetinfosecN
2021-06-29 14:00:05A vulnerabilidade (CVE-2020-3580) está presente em dispositivos que rodam os softwares Cisco ASA ou Cisco FTD e já… https://t.co/6w23QngvTb https://twitter.com/i/web/status/1409873518867664907tempest_sec
2021-06-29 13:30:08Cisco security devices targeted with CVE-2020-3580 PoC exploit https://t.co/MVUl3aRrdj #Infosec #Secinfo #Security… https://t.co/p9F3WjEpiD https://www.helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit/ https://twitter.com/i/web/status/1409865830188335104CeptBiro
2021-06-29 13:20:05Cisco security devices targeted with CVE-2020-3580 PoC exploit https://t.co/kQmc3ubIMq #Infosec #Secinfo #Security… https://t.co/LwfhP2ICwy https://www.helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit/ https://twitter.com/i/web/status/1409863574466359303ReneRobichaud
2021-06-29 13:00:12Cisco security devices targeted with CVE-2020-3580 PoC exploit #Infosec #cybersecurity #security https://t.co/bHOxYeHJjR https://www.helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit/?utm_source=dlvr.it&utm_medium=twitterNecio_news
2021-06-29 11:40:25#Cisco #security devices targeted with CVE-2020-3580 PoC #exploit https://t.co/KaV5P9aWHP #HelpNetSecurity http://feedproxy.google.com/~r/HelpNetSecurity/~3/D2yoG11oQnk/SecurityNewsbot
2021-06-29 11:10:07Cisco security devices targeted with CVE-2020-3580 PoC exploit https://t.co/ZWpFs0L5Ng https://t.co/PvYmGWDcUM http://twib.in/l/y4ApA9p6dzrbInfoSecHotSpot
2021-06-29 10:30:12Cisco security devices targeted with CVE-2020-3580 PoC exploit https://t.co/vWfmckLfh3 #bughunting #Cisco #exploit https://t.co/OHLPvNkeUr https://bit.ly/3A9aC5Pgzunigah
2021-06-29 10:20:13Cisco security devices targeted with CVE-2020-3580 PoC exploit - https://t.co/pCleoJy6O9 - @CiscoSecure @ptswarm… https://t.co/wSSbvZ0VJN https://helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit/ https://twitter.com/i/web/status/1409816547867213824helpnetsecurity
2021-06-29 10:20:11Cisco security devices targeted with CVE-2020-3580 PoC exploit https://t.co/VOadgohNdi http://dlvr.it/S2h4dGXc0resecurity
2021-06-29 09:50:06Cisco security devices targeted with CVE-2020-3580 PoC exploit - https://t.co/onmUSKv6JM - @CiscoSecure @ptswarm… https://t.co/c3Z4dAHXvc https://www.helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit/ https://twitter.com/i/web/status/1409810142611263496helpnetsecurity
2021-06-29 09:40:19Cisco security devices targeted with CVE-2020-3580 PoC exploit https://t.co/KppLrauwel #news #cybersecurity #infosec https://t.co/5CrDXdL4IH http://dlvr.it/S2gyBLDeepFriedCyber
2021-06-29 09:40:18Help Net Security | "Cisco security devices targeted with CVE-2020-3580 PoC exploit" https://t.co/Id5iBg8sMJ https://bit.ly/3h1p6x3joviannfeed
2021-06-29 09:40:15Cisco security devices targeted with CVE-2020-3580 PoC exploit https://t.co/QLMY13Q4Nn https://www.itsecuritynews.info/cisco-security-devices-targeted-with-cve-2020-3580-poc-exploit/IT_securitynews
2021-06-29 09:40:11Cisco security devices targeted with CVE-2020-3580 PoC exploit: Attackers and bug hunters are leveraging an exploit… https://t.co/VomRAUH9aM https://twitter.com/i/web/status/1409807621326925824shah_sheikh
2021-06-29 09:40:10Cisco security devices targeted with CVE-2020-3580 PoC exploit: Attackers and bug hunters are leveraging an exploit… https://t.co/B0GPXAYYwN https://twitter.com/i/web/status/1409807621721186304cipherstorm
2021-06-29 09:40:09Cisco security devices targeted with CVE-2020-3580 PoC exploit https://t.co/A2VGMm93zH #SofiaITC #Technology… https://t.co/jszExu7cw9 http://news.sofiaitc.com/S2gz2G https://twitter.com/i/web/status/1409807750461214730SofiaITC
2021-06-29 09:10:10CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October https://t.co/SGENXpYk2l http://ow.ly/8FBd102NU4KAlicePintori
2021-06-29 09:10:07Código de explotación para CVE-2020-3580, la falla XSS en dispositivos Cisco es publicado en línea https://t.co/LRgribzBPo https://noticiasseguridad.com/vulnerabilidades/codigo-de-explotacion-para-cve-2020-3580-la-falla-xss-en-dispositivos-cisco-es-publicado-en-linea/ciberconsejo
2021-06-29 01:20:03CVE-2020-3580 Cisco ASA XSS漏洞 https://t.co/VnQ0VDwZOr https://www.pwnwiki.org/index.php?title=CVE-2020-3580_Cisco_ASA_XSS%E6%BC%8F%E6%B4%9Epwnwikiorg
2021-06-29 00:10:07CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October https://t.co/Ec9pWtGioH http://www.tenable.com/blog/cve-2020-3580-proof-of-concept-published-for-cisco-asa-flaw-patched-in-octobernekochanSec555
2021-06-28 23:40:05概念実証コードが公開されたCisco ASAのXSS脆弱性について警告、Tebable | TECH+ https://t.co/WzvqRjhYOG "「CVE-2020-3580」に関する概念実証コードが公開されたことに関連… https://t.co/LxAgRSOUTa https://news.mynavi.jp/article/20210629-1911608/ https://twitter.com/i/web/status/1409656136752459777catnap707
2021-06-28 23:40:04CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October - Blog | Tenable®… https://t.co/YNreyNqI6Y https://twitter.com/i/web/status/1409656463132295178catnap707
2021-06-28 23:10:04In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish explo… https://t.co/3rUj5qwhDA https://twitter.com/i/web/status/1409647976595693569Stealthcare_
2021-06-28 20:50:11Código de explotación para CVE-2020-3580, la falla XSS en dispositivos Cisco es publicado en línea https://t.co/Ag9Vmx5XN9 http://dlvr.it/S2fFHbiHackeo
2021-06-28 20:10:21CVE-2020-3580 보안취약점 공개 후, 시스코 ASA 타깃 공격 발생 https://t.co/Br7LAEKAhP https://www.dailysecu.com/news/articleView.html?idxno=126086rokmc_sns
2021-06-28 20:10:14Código de explotación para CVE-2020-3580, la falla XSS en dispositivos Cisco es publicado en línea https://t.co/a5QyOBUiXY https://noticiasseguridad.com/vulnerabilidades/codigo-de-explotacion-para-cve-2020-3580-la-falla-xss-en-dispositivos-cisco-es-publicado-en-linea/torsity_intel
2021-06-28 19:40:10Código de explotación para CVE-2020-3580, la falla XSS en dispositivos Cisco es publicado en línea… https://t.co/Q985oGe7HC https://twitter.com/i/web/status/1409595983432806400AcooEdi
2021-06-28 19:40:06Exploit code for XSS vulnerability CVE-2020-3580 in Cisco devices published online https://t.co/jaU7xJZxY2 https://ift.tt/3hj8cJzAlexaGm33043450
2021-06-28 19:30:06#Cibersegruidad #infosec #seguridad #hacking Código de explotación para CVE-2020-3580, la falla XSS en dispositivos… https://t.co/JrWfSZ6hgR https://twitter.com/i/web/status/1409594710813908996Webimprints
2021-06-28 19:30:05#infosec #informationsecurity Exploit code for XSS vulnerability CVE-2020-3580 in Cisco devices published online… https://t.co/vYV3sLep4t https://twitter.com/i/web/status/1409594778489016329Webimprints
2021-06-28 18:40:17Researchers at at #PositiveTechnologies have published a #proofofconcept #exploit for CVE-2020-3580, #Cisco's ASA f… https://t.co/Ug8Hw1VM8I https://twitter.com/i/web/status/1409579858280189963securitymag
2021-06-28 17:50:17The impact of exploiting the vulnerability identified in CVE-2020-3580 allows an attacker to modify the device’s co… https://t.co/yfZBttY9m3 https://twitter.com/i/web/status/1409567957420855303nVisium
2021-06-28 16:40:15The first campaign exploits CVE-2020-3580 and comes after Positive Technologies posted a PoC on Twitter last week.… https://t.co/FXwUj7CnM9 https://twitter.com/i/web/status/1409550418171080708campuscodi
2021-06-28 16:20:03🔥 Vulnerabilidad de Cisco ASA explotada activamente después del lanzamiento del exploit para CVE-2020-3580. 🛡 Es i… https://t.co/EAOcmeMaiw https://twitter.com/i/web/status/1409546795575910404CERTpy
2021-06-28 13:50:14La vulnérabilité de type "cross-site scripting" (XSS) de Cisco ASA #CVE-2020-3580 est activement exploitée suite à… https://t.co/ACKQkDrHlf https://twitter.com/i/web/status/1409507076469035012cert_ist
2021-06-28 10:50:04@wugeej XSS in Cisco ASA ,CVE-2020-3580 Nuclei template #CVE #Cisco https://t.co/dyMVSocNXI @pdnuclei https://gist.githubusercontent.com/0x240x23elu/c99d44376ffda02b1a4a05a1037cb126/raw/a9038f094eaa427a9b5680f780f64f9e3edffdc0/CVE-2020-3580.yaml0x240x23elu
2021-06-28 10:50:03@ptswarm XSS in Cisco ASA ,CVE-2020-3580 Nuclei template #CVE #Cisco https://t.co/dyMVSocNXI @pdnuclei https://gist.githubusercontent.com/0x240x23elu/c99d44376ffda02b1a4a05a1037cb126/raw/a9038f094eaa427a9b5680f780f64f9e3edffdc0/CVE-2020-3580.yaml0x240x23elu
2021-06-28 09:20:06#Cisco ASA,FTD SAML TUNNEL-GROUP NAME XSS (CVE-2020-3580) POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1 Host: cisco… https://t.co/crTKN82TGj https://twitter.com/i/web/status/1409440816611823631wugeej
2021-06-28 09:20:04#Cisco ASA SAML TUNNEL-GROUP NAME XSS (CVE-2020-3580) PoC Tester https://t.co/rSSmdreuuC https://github.com/Hudi233/CVE-2020-3580/blob/main/cve-2020-3580.pywugeej
2021-06-28 08:00:12『Tenable has also received a report that attackers are exploiting CVE-2020-3580 in the wild.』 CVE-2020-3580: Proof… https://t.co/9DvEznG9hH https://twitter.com/i/web/status/1409419808580329475autumn_good_35
2021-06-28 07:50:03#Cisco ASA #Vulnerability (CVE-2020-3580) Now Actively Exploited by cyber attackers as PoC Drops: https://t.co/bDGZ5Pbzsw via @threatpost https://threatpost.com/cisco-asa-bug-exploited-poc/167274/step9consulting
2021-06-28 07:00:07Les ASA de Cisco attaqués suite fuite du code de la faille via CVE-2020-3580. https://t.co/sKpt1PlGE5 #NUI #rouen… https://t.co/3eYYnKq6bT https://thehackernews.com/2021/06/cisco-asa-flaw-under-active-attack.html https://twitter.com/i/web/status/1409405800200687616jpierre76
2021-06-28 05:20:08XSS in Cisco ASA ,CVE-2020-3580 Nuclei template #CVE #Cisco https://t.co/dyMVSocNXI @pdnuclei https://gist.githubusercontent.com/0x240x23elu/c99d44376ffda02b1a4a05a1037cb126/raw/a9038f094eaa427a9b5680f780f64f9e3edffdc0/CVE-2020-3580.yaml0x240x23elu
2021-06-27 20:10:07「PoCエクスプロイトがTwitterに公開された後、ハッカーはCisco ASAデバイスの脆弱性をスキャンし、積極的に悪用しています。 このCiscoASAの脆弱性は、CVE-2020-3580として追跡されるクロスサイトスク… https://t.co/SKyMrXwrq2 https://twitter.com/i/web/status/1409240351118970881foxbook
2021-06-27 19:10:03CVE-2020-3580 Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) So… https://t.co/Fh9E4VkAUp https://twitter.com/i/web/status/1409225943395278849VulmonFeeds
2021-06-27 08:30:23"In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish exploit code on Twitter."ohhara_shiojiri
2021-06-26 22:00:11XSS in Cisco ASA… CVE-2020-3580 https://t.co/fO09aPdHxM https://twitter.com/ptswarm/status/1408050644460650502safe_secs
2021-06-26 20:30:29"In-the-wild #XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish exp… https://t.co/vQtYgOhMLn https://twitter.com/i/web/status/1408884277325008899alvisharding
2021-06-25 20:00:41CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October https://t.co/L4kqrc07nu http://ow.ly/gyBP102NymWLori_Riot
2021-06-25 16:21:03In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish explo… https://t.co/3Jwzwwetll https://twitter.com/i/web/status/1408457476622725120gasparem
2021-06-25 16:20:20In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish explo… https://t.co/Ju6qoTkLGO https://twitter.com/i/web/status/1408458548791623689corellianUK
2021-06-25 16:12:42CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October - Blog | Tenable® https://t.co/yhkIMXLVwG https://www.tenable.com/blog/cve-2020-3580-proof-of-concept-published-for-cisco-asa-flaw-patched-in-octoberSecnewsbytes
2021-06-25 14:40:05CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October https://t.co/XNrzngEhkE http://ow.ly/k6Vy102Nw4UcybersmithIO
2021-06-25 13:11:22Researchers at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports… https://t.co/iucFs2DLrh https://twitter.com/i/web/status/1408410568202063886TenableSecurity
2021-06-25 13:00:41CVE-2020-3580: Prova de conceito publicada para falha Cisco ASA corrigida em outubro https://t.co/pYxqkSzKYW http://ow.ly/G3HO102NvwGdansantanna
2021-06-25 11:40:18CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October https://t.co/vtOceUjxzl http://ow.ly/hAH4102Nv9wMichal_Jarski
2021-06-25 10:21:09CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October https://t.co/Pfo4B6Ay42 http://ow.ly/Q7d3102NtwkArt_Capella
2021-06-25 05:10:27#bugbountytips XSS in Cisco ASA CVE-2020-3580 POST /+CSCOE+/saml/sp/acs?tgname=a Host:https://t.co/gfmVJ9Revz Acc… https://t.co/CWCOAtRx0U http://target.com https://twitter.com/i/web/status/1408290933322354688cycatz2
2021-06-24 22:00:31CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October - https://t.co/QkrP1qR3hB https://www.tenable.com/blog/cve-2020-3580-proof-of-concept-published-for-cisco-asa-flaw-patched-in-octoberka0com
2021-06-24 15:40:12Top story: @ptswarm: '🎁PoC for XSS in Cisco ASA (CVE-2020-3580) POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1 Host:… https://t.co/jrxWmIUpYR https://twitter.com/i/web/status/1408085687656669186Bc10ver
2021-06-24 14:10:13The hunt for low hanging CVE-2020-3580 by @ptswarm has begun. A lot of submissions/duplicates are waiting for… https://t.co/PbDfzKsKiM https://twitter.com/i/web/status/1408064449835978760__mn1__
2021-06-24 13:20:23🎁PoC for XSS in Cisco ASA (CVE-2020-3580) POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1 Host: ciscoASA.local Content… https://t.co/IQoZKoQsi2 https://twitter.com/i/web/status/1408050644460650502ptswarm
2020-10-28 17:01:05New post from https://t.co/9KYxtdZjkl (CVE-2020-3580 (adaptive_security_appliance_software, firepower_threat_defens… https://t.co/x1vufsa2VB http://www.sesin.at https://twitter.com/i/web/status/1321494577564553217www_sesin_at
2020-10-28 17:00:54New post from https://t.co/uXvPWJy6tj (CVE-2020-3580 (adaptive_security_appliance_software, firepower_threat_defens… https://t.co/82tW8Ofz2O http://www.sesin.at https://twitter.com/i/web/status/1321494616433139714WolfgangSesin
2020-10-22 04:10:43New post from https://t.co/9KYxtdZjkl (CVE-2020-3580) has been published on https://t.co/MGOiVwz7an http://www.sesin.at https://www.sesin.at/2020/10/22/cve-2020-3580/www_sesin_at
2020-10-22 04:10:23New post from https://t.co/uXvPWJy6tj (CVE-2020-3580) has been published on https://t.co/pZ8IcbEUlD http://www.sesin.at https://www.sesin.at/2020/10/22/cve-2020-3580/WolfgangSesin
2020-10-21 23:00:54CVE-2020-3580 is called Linked Tabor https://t.co/TNUeaT8w7L https://nvd.nist.gov/vuln/detail/CVE-2020-3580vulnonym
2020-10-21 19:50:38CVE-2020-3580 Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Sof… https://t.co/MtscuknDGV https://twitter.com/i/web/status/1319001892605841410CVEnew