Cisco PIX Firewall Manager File Exposure

Cisco PIX Firewall Manager File Exposure

It is reported that Cisco PIX Firewall products contain a vulnerability in their management software that allows remote attackers to retrieve arbitrary files
from the web server computer.

This application runs on Microsoft Windows, as 'Administrator'.

The application improperly allows an attacker to request arbitrary files from the hosting computer. This includes network attached storage, such as CIFS network shares.

This vulnerability allows an attacker to retrieve potentially sensitive files which may aid them in further compromise.