The vulnerability was published on July 22nd with severity CVSS7.5, which allows an unauthenticated remote attacker to perform a Directory Traversal attack that leads to the disclosure of sensitive information. This vulnerability originates from the lack of proper validation of the input URLs in HTTP requests, and the attacker can obtain its information by sending a manipulated HTTP request to the victim’s system.
Vulnerable versions
solution
To fix this vulnerability, Cisco has made security patches available. You can get more information using the link below.