Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2017-11-02 16:29

Modified

2024-11-21 03:09

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. The vulnerability is due to insufficient input validation of certain Smart Licensing configuration parameters. An authenticated attacker could exploit the vulnerability by configuring a malicious URL within the affected feature. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. This vulnerability affects the following Cisco Firepower Security products running FX-OS code trains 1.1.3, 1.1.4, and 2.0.1 (versions 2.1.1, 2.2.1, and 2.2.2 are not affected): Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance. Cisco Bug IDs: CSCvb86863.

References

URL	Tags
ykramarz@cisco.com	http://www.securityfocus.com/bid/101661	Third Party Advisory, VDB Entry
ykramarz@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101661	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_extensible_operating_system	*
cisco	firepower_extensible_operating_system	1.1.4
cisco	firepower_extensible_operating_system	2.0.1
cisco	firepower_4110_next-generation_firewall	-
cisco	firepower_4120_next-generation_firewall	-
cisco	firepower_4140_next-generation_firewall	-
cisco	firepower_4150_next-generation_firewall	-
cisco	firepower_9300_security_appliance	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "874CB53B-A760-4298-8434-D5CC7B56D8E5",
              "versionEndIncluding": "1.1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD3529C-F92B-45AD-B03D-011B6FE4E79B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "156BCE34-6E6D-4C75-AA38-B24E77FBDD7E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC4B991-7160-4C32-9A8E-778602FDE349",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DB5299D-3948-474C-B977-8FD2A849945D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "161EEC9B-419D-4C88-B546-04931D0037E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDEAEC97-05AC-4E8B-A9A5-14800AAF1EB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. The vulnerability is due to insufficient input validation of certain Smart Licensing configuration parameters. An authenticated attacker could exploit the vulnerability by configuring a malicious URL within the affected feature. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. This vulnerability affects the following Cisco Firepower Security products running FX-OS code trains 1.1.3, 1.1.4, and 2.0.1 (versions 2.1.1, 2.2.1, and 2.2.2 are not affected): Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance. Cisco Bug IDs: CSCvb86863."
    },
    {
      "lang": "es",
      "value": "Un vulnerabilidad en el servicio Smart Licensing Manager de Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) y Firepower 9300 Security Appliance podr\u00eda permitir que un atacante remoto autenticado inyecte comandos que se podr\u00edan ejecutar con privilegios root. Esta vulnerabilidad se debe a la validaci\u00f3n insuficiente de los valores de entrada de algunos par\u00e1metros de configuraci\u00f3n de Smart Licensing. Un atacante autenticado podr\u00eda explotar la vulnerabilidad configurando un URL malicioso en la caracter\u00edstica afectada. Un exploit con \u00e9xito podr\u00eda permitir que el atacante ejecute comandos arbitrarios con privilegios root. Esta vulnerabilidad afecta a los siguientes productos de Cisco Firepower Security que ejecuten las versiones de c\u00f3digo de FX-OS 1.1.3, 1.1.4 y 2.0.1 (las versiones 2.1.1, 2.2.1 y 2.2.2 no est\u00e1n afectadas): Firepower 4100 Series Next-Generation Firewall y Firepower 9300 Security Appliance. Cisco Bug IDs: CSCvb86863."
    }
  ],
  "id": "CVE-2017-12277",
  "lastModified": "2024-11-21T03:09:13.077",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-11-02T16:29:00.427",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101661"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101661"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-11-02 16:29

Modified

2024-11-21 03:09

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileges on the device, aka Command Injection. The vulnerability is due to improper validation of string input in the shell application. An attacker could exploit this vulnerability through the use of malicious commands. A successful exploit could allow the attacker to obtain root shell privileges on the device. Cisco Bug IDs: CSCvf20741, CSCvf60078.

References

URL	Tags
ykramarz@cisco.com	http://www.securityfocus.com/bid/101652	Third Party Advisory, VDB Entry
ykramarz@cisco.com	http://www.securitytracker.com/id/1039719	Third Party Advisory, VDB Entry
ykramarz@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101652	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039719	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	unified_computing_system_manager_firmware	-
cisco	unified_computing_system_manager	-
cisco	firepower_9300_security_appliance_firmware	-
cisco	firepower_9300_security_appliance	-
cisco	firepower_4100_next-generation_firewall_firmware	-
cisco	firepower_4110_next-generation_firewall	-
cisco	firepower_4120_next-generation_firewall	-
cisco	firepower_4140_next-generation_firewall	-
cisco	firepower_4150_next-generation_firewall	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_manager_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0933D49C-E079-4071-A69F-60DCBD5E88F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF9380E9-30C8-4CD2-BA77-EE61EA490F3F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_9300_security_appliance_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD314E64-ECA6-4200-BB6B-880DB07F19ED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_4100_next-generation_firewall_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A99DA5-0087-4F62-8A12-DAC826311530",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC4B991-7160-4C32-9A8E-778602FDE349",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DB5299D-3948-474C-B977-8FD2A849945D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "161EEC9B-419D-4C88-B546-04931D0037E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDEAEC97-05AC-4E8B-A9A5-14800AAF1EB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileges on the device, aka Command Injection. The vulnerability is due to improper validation of string input in the shell application. An attacker could exploit this vulnerability through the use of malicious commands. A successful exploit could allow the attacker to obtain root shell privileges on the device. Cisco Bug IDs: CSCvf20741, CSCvf60078."
    },
    {
      "lang": "es",
      "value": "Un vulnerabilidad en Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) y Cisco Firepower 9300 Security Appliance podr\u00eda permitir que un atacante local autenticado obtenga privilegios root shell en el dispositivo. Esta vulnerabilidad tambi\u00e9n se conoce como Command Injection. La vulnerabilidad se debe a una validaci\u00f3n inadecuada de valores de entrada de una cadena en la aplicaci\u00f3n shell. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el uso de comandos maliciosos. Un exploit exitoso podr\u00eda permitir que el atacante obtenga privilegios root shell en el dispositivo. Cisco Bug IDs: CSCvf20741, CSCvf60078."
    }
  ],
  "id": "CVE-2017-12243",
  "lastModified": "2024-11-21T03:09:06.650",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-11-02T16:29:00.193",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101652"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039719"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039719"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-08-23 19:15

Modified

2024-11-21 07:40

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Summary

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.

References

▼	URL	Tags
	ykramarz@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_extensible_operating_system	-
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1020	-
cisco	firepower_1030	-
cisco	firepower_1040	-
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_4100	-
cisco	firepower_4110	-
cisco	firepower_4110_next-generation_firewall	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4120_next-generation_firewall	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4140_next-generation_firewall	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_4150_next-generation_firewall	-
cisco	firepower_9300	-
cisco	firepower_9300_security_appliance	-
cisco	firepower_9300_sm-24	-
cisco	firepower_9300_sm-36	-
cisco	firepower_9300_sm-40	-
cisco	firepower_9300_sm-44	-
cisco	firepower_9300_sm-44_x_3	-
cisco	firepower_9300_sm-48	-
cisco	firepower_9300_sm-56	-
cisco	firepower_9300_sm-56_x_3	-
cisco	firepower_9300_with_1_sm-24_module	-
cisco	firepower_9300_with_1_sm-36_module	-
cisco	firepower_9300_with_1_sm-44_module	-
cisco	firepower_9300_with_3_sm-44_module	-
cisco	secure_firewall_3105	-
cisco	secure_firewall_3110	-
cisco	secure_firewall_3120	-
cisco	secure_firewall_3130	-
cisco	secure_firewall_3140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA31612B-EF1E-4676-8423-285C2125C0CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8B5AF8-6A57-482A-9442-E857EE7E207B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9929280-2AAC-4B56-A42C-1F6EDE83988E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F29B6BC3-D716-4A3D-9679-B7BE81F719C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC4B991-7160-4C32-9A8E-778602FDE349",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DB5299D-3948-474C-B977-8FD2A849945D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "161EEC9B-419D-4C88-B546-04931D0037E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150_next-generation_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDEAEC97-05AC-4E8B-A9A5-14800AAF1EB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18048A84-BA0F-48EF-AFFB-635FF7F70C66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "317DF3DD-C7CD-4CA2-804F-A738E048BEB4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C13CF29B-9308-452B-B7E0-9E818B5A6C1E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB527C2-855E-4BB9-BCA7-94BE86100D44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82C1B05-990D-49D2-B80A-C3EDD4082840",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "421D91C3-8AB3-45E1-9E55-13ED1A4A623E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D741945-8B0A-408D-A5FE-D5B38DC6D46A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9308CA67-E949-4338-A890-22B3C4428D70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3C6CC11-470A-47A4-AAF5-D5580FB78562",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA4A2B35-5106-4F43-835A-7F97D2324373",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0F7F452-9294-4445-A344-1A76B277C45D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EA604D8-76C0-40B9-8675-02BEEA18E432",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.\r\n\r The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability."
    }
  ],
  "id": "CVE-2023-20234",
  "lastModified": "2024-11-21T07:40:57.383",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-08-23T19:15:08.277",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-73"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2017-12243

Vulnerability from cvelistv5

Published

2017-11-02 16:00

Modified

2024-08-05 18:28

Severity ?

Summary

A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileges on the device, aka Command Injection. The vulnerability is due to improper validation of string input in the shell application. An attacker could exploit this vulnerability through the use of malicious commands. A successful exploit could allow the attacker to obtain root shell privileges on the device. Cisco Bug IDs: CSCvf20741, CSCvf60078.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/101652	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039719	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance

Version: Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:28:16.743Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "101652",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101652"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce"
          },
          {
            "name": "1039719",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039719"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance"
            }
          ]
        }
      ],
      "datePublic": "2017-11-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileges on the device, aka Command Injection. The vulnerability is due to improper validation of string input in the shell application. An attacker could exploit this vulnerability through the use of malicious commands. A successful exploit could allow the attacker to obtain root shell privileges on the device. Cisco Bug IDs: CSCvf20741, CSCvf60078."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "101652",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101652"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce"
        },
        {
          "name": "1039719",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039719"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12243",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileges on the device, aka Command Injection. The vulnerability is due to improper validation of string input in the shell application. An attacker could exploit this vulnerability through the use of malicious commands. A successful exploit could allow the attacker to obtain root shell privileges on the device. Cisco Bug IDs: CSCvf20741, CSCvf60078."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "101652",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101652"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce"
            },
            {
              "name": "1039719",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039719"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12243",
    "datePublished": "2017-11-02T16:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-08-05T18:28:16.743Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20234

Vulnerability from cvelistv5

Published

2023-08-23 18:21

Modified

2024-08-02 09:05

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL

Impacted products

Vendor

Product

Version

▼

Cisco

Cisco Adaptive Security Appliance (ASA) Software

Version: 9.8.2
Version: 9.8.2.8
Version: 9.8.2.14
Version: 9.8.2.15
Version: 9.8.2.17
Version: 9.8.2.20
Version: 9.8.2.24
Version: 9.8.2.26
Version: 9.8.2.28
Version: 9.8.2.33
Version: 9.8.2.35
Version: 9.8.2.38
Version: 9.8.3.8
Version: 9.8.3.11
Version: 9.8.3.14
Version: 9.8.3.16
Version: 9.8.3.18
Version: 9.8.3.21
Version: 9.8.3
Version: 9.8.3.26
Version: 9.8.3.29
Version: 9.8.4
Version: 9.8.4.3
Version: 9.8.4.7
Version: 9.8.4.8
Version: 9.8.4.10
Version: 9.8.4.12
Version: 9.8.4.15
Version: 9.8.4.17
Version: 9.8.4.25
Version: 9.8.4.20
Version: 9.8.4.22
Version: 9.8.4.26
Version: 9.8.4.29
Version: 9.8.4.32
Version: 9.8.4.34
Version: 9.8.4.35
Version: 9.8.4.39
Version: 9.8.4.40
Version: 9.8.4.41
Version: 9.8.4.43
Version: 9.8.4.44
Version: 9.8.4.45
Version: 9.8.4.46
Version: 9.8.4.48
Version: 9.12.1
Version: 9.12.1.2
Version: 9.12.1.3
Version: 9.12.2
Version: 9.12.2.5
Version: 9.12.2.9
Version: 9.12.3
Version: 9.12.3.2
Version: 9.12.3.7
Version: 9.12.4
Version: 9.12.3.12
Version: 9.12.3.9
Version: 9.12.2.1
Version: 9.12.4.2
Version: 9.12.4.4
Version: 9.12.4.7
Version: 9.12.4.10
Version: 9.12.4.13
Version: 9.12.4.8
Version: 9.12.4.18
Version: 9.12.4.24
Version: 9.12.4.26
Version: 9.12.4.29
Version: 9.12.4.30
Version: 9.12.4.35
Version: 9.12.4.37
Version: 9.12.4.38
Version: 9.12.4.39
Version: 9.12.4.40
Version: 9.12.4.41
Version: 9.12.4.47
Version: 9.12.4.48
Version: 9.12.4.50
Version: 9.12.4.52
Version: 9.12.4.54
Version: 9.12.4.55
Version: 9.12.4.56
Version: 9.14.1
Version: 9.14.1.10
Version: 9.14.1.15
Version: 9.14.1.19
Version: 9.14.1.30
Version: 9.14.2
Version: 9.14.2.4
Version: 9.14.2.8
Version: 9.14.2.13
Version: 9.14.2.15
Version: 9.14.3
Version: 9.14.3.1
Version: 9.14.3.9
Version: 9.14.3.11
Version: 9.14.3.13
Version: 9.14.3.18
Version: 9.14.3.15
Version: 9.14.4
Version: 9.14.4.6
Version: 9.14.4.7
Version: 9.14.4.12
Version: 9.14.4.13
Version: 9.14.4.14
Version: 9.14.4.15
Version: 9.14.4.17
Version: 9.14.4.22
Version: 9.15.1
Version: 9.15.1.7
Version: 9.15.1.10
Version: 9.15.1.15
Version: 9.15.1.16
Version: 9.15.1.17
Version: 9.15.1.1
Version: 9.15.1.21
Version: 9.16.1
Version: 9.16.1.28
Version: 9.16.2
Version: 9.16.2.3
Version: 9.16.2.7
Version: 9.16.2.11
Version: 9.16.2.13
Version: 9.16.2.14
Version: 9.16.3
Version: 9.16.3.3
Version: 9.16.3.14
Version: 9.16.3.15
Version: 9.16.3.19
Version: 9.16.3.23
Version: 9.16.4
Version: 9.16.4.9
Version: 9.17.1
Version: 9.17.1.7
Version: 9.17.1.9
Version: 9.17.1.10
Version: 9.17.1.11
Version: 9.17.1.13
Version: 9.17.1.15
Version: 9.17.1.20
Version: 9.18.1
Version: 9.18.1.3
Version: 9.18.2
Version: 9.18.2.5
Version: 9.18.2.7
Version: 9.18.2.8
Version: 9.19.1

	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.8 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.9 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.6.7 Version: 6.6.7.1 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.4.0.16 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.0.1 Version: 7.2.1 Version: 7.2.2 Version: 7.2.3 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1
	Cisco	Cisco Firepower Extensible Operating System (FXOS)	Version: 2.2.1.63 Version: 2.2.1.66 Version: 2.2.1.70 Version: 2.2.2.17 Version: 2.2.2.19 Version: 2.2.2.24 Version: 2.2.2.26 Version: 2.2.2.28 Version: 2.2.2.54 Version: 2.2.2.60 Version: 2.2.2.71 Version: 2.2.2.83 Version: 2.2.2.86 Version: 2.2.2.91 Version: 2.2.2.97 Version: 2.2.2.101 Version: 2.2.2.137 Version: 2.2.2.148 Version: 2.2.2.149 Version: 2.3.1.99 Version: 2.3.1.93 Version: 2.3.1.91 Version: 2.3.1.88 Version: 2.3.1.75 Version: 2.3.1.73 Version: 2.3.1.66 Version: 2.3.1.58 Version: 2.3.1.130 Version: 2.3.1.111 Version: 2.3.1.110 Version: 2.3.1.144 Version: 2.3.1.145 Version: 2.3.1.155 Version: 2.3.1.166 Version: 2.3.1.173 Version: 2.3.1.179 Version: 2.3.1.180 Version: 2.3.1.56 Version: 2.3.1.190 Version: 2.3.1.215 Version: 2.3.1.216 Version: 2.3.1.219 Version: 2.3.1.230 Version: 2.6.1.131 Version: 2.6.1.157 Version: 2.6.1.166 Version: 2.6.1.169 Version: 2.6.1.174 Version: 2.6.1.187 Version: 2.6.1.192 Version: 2.6.1.204 Version: 2.6.1.214 Version: 2.6.1.224 Version: 2.6.1.229 Version: 2.6.1.230 Version: 2.6.1.238 Version: 2.6.1.239 Version: 2.6.1.254 Version: 2.6.1.259 Version: 2.8.1.105 Version: 2.8.1.125 Version: 2.8.1.139 Version: 2.8.1.143 Version: 2.8.1.152 Version: 2.8.1.162 Version: 2.8.1.164 Version: 2.8.1.172 Version: 2.8.1.186 Version: 2.8.1.190 Version: 2.9.1.131 Version: 2.9.1.135 Version: 2.9.1.143 Version: 2.9.1.150 Version: 2.9.1.158 Version: 2.10.1.159 Version: 2.10.1.166 Version: 2.10.1.179 Version: 2.10.1.207 Version: 2.10.1.234 Version: 2.11.1.154 Version: 2.11.1.182 Version: 2.12.0.31 Version: 2.12.0.432 Version: 2.12.0.450 Version: 2.13.0.198

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:35.918Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-fxos-arbitrary-file-BLk6YupL",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.8.2"
            },
            {
              "status": "affected",
              "version": "9.8.2.8"
            },
            {
              "status": "affected",
              "version": "9.8.2.14"
            },
            {
              "status": "affected",
              "version": "9.8.2.15"
            },
            {
              "status": "affected",
              "version": "9.8.2.17"
            },
            {
              "status": "affected",
              "version": "9.8.2.20"
            },
            {
              "status": "affected",
              "version": "9.8.2.24"
            },
            {
              "status": "affected",
              "version": "9.8.2.26"
            },
            {
              "status": "affected",
              "version": "9.8.2.28"
            },
            {
              "status": "affected",
              "version": "9.8.2.33"
            },
            {
              "status": "affected",
              "version": "9.8.2.35"
            },
            {
              "status": "affected",
              "version": "9.8.2.38"
            },
            {
              "status": "affected",
              "version": "9.8.3.8"
            },
            {
              "status": "affected",
              "version": "9.8.3.11"
            },
            {
              "status": "affected",
              "version": "9.8.3.14"
            },
            {
              "status": "affected",
              "version": "9.8.3.16"
            },
            {
              "status": "affected",
              "version": "9.8.3.18"
            },
            {
              "status": "affected",
              "version": "9.8.3.21"
            },
            {
              "status": "affected",
              "version": "9.8.3"
            },
            {
              "status": "affected",
              "version": "9.8.3.26"
            },
            {
              "status": "affected",
              "version": "9.8.3.29"
            },
            {
              "status": "affected",
              "version": "9.8.4"
            },
            {
              "status": "affected",
              "version": "9.8.4.3"
            },
            {
              "status": "affected",
              "version": "9.8.4.7"
            },
            {
              "status": "affected",
              "version": "9.8.4.8"
            },
            {
              "status": "affected",
              "version": "9.8.4.10"
            },
            {
              "status": "affected",
              "version": "9.8.4.12"
            },
            {
              "status": "affected",
              "version": "9.8.4.15"
            },
            {
              "status": "affected",
              "version": "9.8.4.17"
            },
            {
              "status": "affected",
              "version": "9.8.4.25"
            },
            {
              "status": "affected",
              "version": "9.8.4.20"
            },
            {
              "status": "affected",
              "version": "9.8.4.22"
            },
            {
              "status": "affected",
              "version": "9.8.4.26"
            },
            {
              "status": "affected",
              "version": "9.8.4.29"
            },
            {
              "status": "affected",
              "version": "9.8.4.32"
            },
            {
              "status": "affected",
              "version": "9.8.4.34"
            },
            {
              "status": "affected",
              "version": "9.8.4.35"
            },
            {
              "status": "affected",
              "version": "9.8.4.39"
            },
            {
              "status": "affected",
              "version": "9.8.4.40"
            },
            {
              "status": "affected",
              "version": "9.8.4.41"
            },
            {
              "status": "affected",
              "version": "9.8.4.43"
            },
            {
              "status": "affected",
              "version": "9.8.4.44"
            },
            {
              "status": "affected",
              "version": "9.8.4.45"
            },
            {
              "status": "affected",
              "version": "9.8.4.46"
            },
            {
              "status": "affected",
              "version": "9.8.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.1"
            },
            {
              "status": "affected",
              "version": "9.12.1.2"
            },
            {
              "status": "affected",
              "version": "9.12.1.3"
            },
            {
              "status": "affected",
              "version": "9.12.2"
            },
            {
              "status": "affected",
              "version": "9.12.2.5"
            },
            {
              "status": "affected",
              "version": "9.12.2.9"
            },
            {
              "status": "affected",
              "version": "9.12.3"
            },
            {
              "status": "affected",
              "version": "9.12.3.2"
            },
            {
              "status": "affected",
              "version": "9.12.3.7"
            },
            {
              "status": "affected",
              "version": "9.12.4"
            },
            {
              "status": "affected",
              "version": "9.12.3.12"
            },
            {
              "status": "affected",
              "version": "9.12.3.9"
            },
            {
              "status": "affected",
              "version": "9.12.2.1"
            },
            {
              "status": "affected",
              "version": "9.12.4.2"
            },
            {
              "status": "affected",
              "version": "9.12.4.4"
            },
            {
              "status": "affected",
              "version": "9.12.4.7"
            },
            {
              "status": "affected",
              "version": "9.12.4.10"
            },
            {
              "status": "affected",
              "version": "9.12.4.13"
            },
            {
              "status": "affected",
              "version": "9.12.4.8"
            },
            {
              "status": "affected",
              "version": "9.12.4.18"
            },
            {
              "status": "affected",
              "version": "9.12.4.24"
            },
            {
              "status": "affected",
              "version": "9.12.4.26"
            },
            {
              "status": "affected",
              "version": "9.12.4.29"
            },
            {
              "status": "affected",
              "version": "9.12.4.30"
            },
            {
              "status": "affected",
              "version": "9.12.4.35"
            },
            {
              "status": "affected",
              "version": "9.12.4.37"
            },
            {
              "status": "affected",
              "version": "9.12.4.38"
            },
            {
              "status": "affected",
              "version": "9.12.4.39"
            },
            {
              "status": "affected",
              "version": "9.12.4.40"
            },
            {
              "status": "affected",
              "version": "9.12.4.41"
            },
            {
              "status": "affected",
              "version": "9.12.4.47"
            },
            {
              "status": "affected",
              "version": "9.12.4.48"
            },
            {
              "status": "affected",
              "version": "9.12.4.50"
            },
            {
              "status": "affected",
              "version": "9.12.4.52"
            },
            {
              "status": "affected",
              "version": "9.12.4.54"
            },
            {
              "status": "affected",
              "version": "9.12.4.55"
            },
            {
              "status": "affected",
              "version": "9.12.4.56"
            },
            {
              "status": "affected",
              "version": "9.14.1"
            },
            {
              "status": "affected",
              "version": "9.14.1.10"
            },
            {
              "status": "affected",
              "version": "9.14.1.15"
            },
            {
              "status": "affected",
              "version": "9.14.1.19"
            },
            {
              "status": "affected",
              "version": "9.14.1.30"
            },
            {
              "status": "affected",
              "version": "9.14.2"
            },
            {
              "status": "affected",
              "version": "9.14.2.4"
            },
            {
              "status": "affected",
              "version": "9.14.2.8"
            },
            {
              "status": "affected",
              "version": "9.14.2.13"
            },
            {
              "status": "affected",
              "version": "9.14.2.15"
            },
            {
              "status": "affected",
              "version": "9.14.3"
            },
            {
              "status": "affected",
              "version": "9.14.3.1"
            },
            {
              "status": "affected",
              "version": "9.14.3.9"
            },
            {
              "status": "affected",
              "version": "9.14.3.11"
            },
            {
              "status": "affected",
              "version": "9.14.3.13"
            },
            {
              "status": "affected",
              "version": "9.14.3.18"
            },
            {
              "status": "affected",
              "version": "9.14.3.15"
            },
            {
              "status": "affected",
              "version": "9.14.4"
            },
            {
              "status": "affected",
              "version": "9.14.4.6"
            },
            {
              "status": "affected",
              "version": "9.14.4.7"
            },
            {
              "status": "affected",
              "version": "9.14.4.12"
            },
            {
              "status": "affected",
              "version": "9.14.4.13"
            },
            {
              "status": "affected",
              "version": "9.14.4.14"
            },
            {
              "status": "affected",
              "version": "9.14.4.15"
            },
            {
              "status": "affected",
              "version": "9.14.4.17"
            },
            {
              "status": "affected",
              "version": "9.14.4.22"
            },
            {
              "status": "affected",
              "version": "9.15.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.7"
            },
            {
              "status": "affected",
              "version": "9.15.1.10"
            },
            {
              "status": "affected",
              "version": "9.15.1.15"
            },
            {
              "status": "affected",
              "version": "9.15.1.16"
            },
            {
              "status": "affected",
              "version": "9.15.1.17"
            },
            {
              "status": "affected",
              "version": "9.15.1.1"
            },
            {
              "status": "affected",
              "version": "9.15.1.21"
            },
            {
              "status": "affected",
              "version": "9.16.1"
            },
            {
              "status": "affected",
              "version": "9.16.1.28"
            },
            {
              "status": "affected",
              "version": "9.16.2"
            },
            {
              "status": "affected",
              "version": "9.16.2.3"
            },
            {
              "status": "affected",
              "version": "9.16.2.7"
            },
            {
              "status": "affected",
              "version": "9.16.2.11"
            },
            {
              "status": "affected",
              "version": "9.16.2.13"
            },
            {
              "status": "affected",
              "version": "9.16.2.14"
            },
            {
              "status": "affected",
              "version": "9.16.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.3"
            },
            {
              "status": "affected",
              "version": "9.16.3.14"
            },
            {
              "status": "affected",
              "version": "9.16.3.15"
            },
            {
              "status": "affected",
              "version": "9.16.3.19"
            },
            {
              "status": "affected",
              "version": "9.16.3.23"
            },
            {
              "status": "affected",
              "version": "9.16.4"
            },
            {
              "status": "affected",
              "version": "9.16.4.9"
            },
            {
              "status": "affected",
              "version": "9.17.1"
            },
            {
              "status": "affected",
              "version": "9.17.1.7"
            },
            {
              "status": "affected",
              "version": "9.17.1.9"
            },
            {
              "status": "affected",
              "version": "9.17.1.10"
            },
            {
              "status": "affected",
              "version": "9.17.1.11"
            },
            {
              "status": "affected",
              "version": "9.17.1.13"
            },
            {
              "status": "affected",
              "version": "9.17.1.15"
            },
            {
              "status": "affected",
              "version": "9.17.1.20"
            },
            {
              "status": "affected",
              "version": "9.18.1"
            },
            {
              "status": "affected",
              "version": "9.18.1.3"
            },
            {
              "status": "affected",
              "version": "9.18.2"
            },
            {
              "status": "affected",
              "version": "9.18.2.5"
            },
            {
              "status": "affected",
              "version": "9.18.2.7"
            },
            {
              "status": "affected",
              "version": "9.18.2.8"
            },
            {
              "status": "affected",
              "version": "9.19.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.5.2"
            },
            {
              "status": "affected",
              "version": "6.6.7"
            },
            {
              "status": "affected",
              "version": "6.6.7.1"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.4.0.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.15"
            },
            {
              "status": "affected",
              "version": "6.4.0.16"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            }
          ]
        },
        {
          "product": "Cisco Firepower Extensible Operating System (FXOS)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "2.2.1.63"
            },
            {
              "status": "affected",
              "version": "2.2.1.66"
            },
            {
              "status": "affected",
              "version": "2.2.1.70"
            },
            {
              "status": "affected",
              "version": "2.2.2.17"
            },
            {
              "status": "affected",
              "version": "2.2.2.19"
            },
            {
              "status": "affected",
              "version": "2.2.2.24"
            },
            {
              "status": "affected",
              "version": "2.2.2.26"
            },
            {
              "status": "affected",
              "version": "2.2.2.28"
            },
            {
              "status": "affected",
              "version": "2.2.2.54"
            },
            {
              "status": "affected",
              "version": "2.2.2.60"
            },
            {
              "status": "affected",
              "version": "2.2.2.71"
            },
            {
              "status": "affected",
              "version": "2.2.2.83"
            },
            {
              "status": "affected",
              "version": "2.2.2.86"
            },
            {
              "status": "affected",
              "version": "2.2.2.91"
            },
            {
              "status": "affected",
              "version": "2.2.2.97"
            },
            {
              "status": "affected",
              "version": "2.2.2.101"
            },
            {
              "status": "affected",
              "version": "2.2.2.137"
            },
            {
              "status": "affected",
              "version": "2.2.2.148"
            },
            {
              "status": "affected",
              "version": "2.2.2.149"
            },
            {
              "status": "affected",
              "version": "2.3.1.99"
            },
            {
              "status": "affected",
              "version": "2.3.1.93"
            },
            {
              "status": "affected",
              "version": "2.3.1.91"
            },
            {
              "status": "affected",
              "version": "2.3.1.88"
            },
            {
              "status": "affected",
              "version": "2.3.1.75"
            },
            {
              "status": "affected",
              "version": "2.3.1.73"
            },
            {
              "status": "affected",
              "version": "2.3.1.66"
            },
            {
              "status": "affected",
              "version": "2.3.1.58"
            },
            {
              "status": "affected",
              "version": "2.3.1.130"
            },
            {
              "status": "affected",
              "version": "2.3.1.111"
            },
            {
              "status": "affected",
              "version": "2.3.1.110"
            },
            {
              "status": "affected",
              "version": "2.3.1.144"
            },
            {
              "status": "affected",
              "version": "2.3.1.145"
            },
            {
              "status": "affected",
              "version": "2.3.1.155"
            },
            {
              "status": "affected",
              "version": "2.3.1.166"
            },
            {
              "status": "affected",
              "version": "2.3.1.173"
            },
            {
              "status": "affected",
              "version": "2.3.1.179"
            },
            {
              "status": "affected",
              "version": "2.3.1.180"
            },
            {
              "status": "affected",
              "version": "2.3.1.56"
            },
            {
              "status": "affected",
              "version": "2.3.1.190"
            },
            {
              "status": "affected",
              "version": "2.3.1.215"
            },
            {
              "status": "affected",
              "version": "2.3.1.216"
            },
            {
              "status": "affected",
              "version": "2.3.1.219"
            },
            {
              "status": "affected",
              "version": "2.3.1.230"
            },
            {
              "status": "affected",
              "version": "2.6.1.131"
            },
            {
              "status": "affected",
              "version": "2.6.1.157"
            },
            {
              "status": "affected",
              "version": "2.6.1.166"
            },
            {
              "status": "affected",
              "version": "2.6.1.169"
            },
            {
              "status": "affected",
              "version": "2.6.1.174"
            },
            {
              "status": "affected",
              "version": "2.6.1.187"
            },
            {
              "status": "affected",
              "version": "2.6.1.192"
            },
            {
              "status": "affected",
              "version": "2.6.1.204"
            },
            {
              "status": "affected",
              "version": "2.6.1.214"
            },
            {
              "status": "affected",
              "version": "2.6.1.224"
            },
            {
              "status": "affected",
              "version": "2.6.1.229"
            },
            {
              "status": "affected",
              "version": "2.6.1.230"
            },
            {
              "status": "affected",
              "version": "2.6.1.238"
            },
            {
              "status": "affected",
              "version": "2.6.1.239"
            },
            {
              "status": "affected",
              "version": "2.6.1.254"
            },
            {
              "status": "affected",
              "version": "2.6.1.259"
            },
            {
              "status": "affected",
              "version": "2.8.1.105"
            },
            {
              "status": "affected",
              "version": "2.8.1.125"
            },
            {
              "status": "affected",
              "version": "2.8.1.139"
            },
            {
              "status": "affected",
              "version": "2.8.1.143"
            },
            {
              "status": "affected",
              "version": "2.8.1.152"
            },
            {
              "status": "affected",
              "version": "2.8.1.162"
            },
            {
              "status": "affected",
              "version": "2.8.1.164"
            },
            {
              "status": "affected",
              "version": "2.8.1.172"
            },
            {
              "status": "affected",
              "version": "2.8.1.186"
            },
            {
              "status": "affected",
              "version": "2.8.1.190"
            },
            {
              "status": "affected",
              "version": "2.9.1.131"
            },
            {
              "status": "affected",
              "version": "2.9.1.135"
            },
            {
              "status": "affected",
              "version": "2.9.1.143"
            },
            {
              "status": "affected",
              "version": "2.9.1.150"
            },
            {
              "status": "affected",
              "version": "2.9.1.158"
            },
            {
              "status": "affected",
              "version": "2.10.1.159"
            },
            {
              "status": "affected",
              "version": "2.10.1.166"
            },
            {
              "status": "affected",
              "version": "2.10.1.179"
            },
            {
              "status": "affected",
              "version": "2.10.1.207"
            },
            {
              "status": "affected",
              "version": "2.10.1.234"
            },
            {
              "status": "affected",
              "version": "2.11.1.154"
            },
            {
              "status": "affected",
              "version": "2.11.1.182"
            },
            {
              "status": "affected",
              "version": "2.12.0.31"
            },
            {
              "status": "affected",
              "version": "2.12.0.432"
            },
            {
              "status": "affected",
              "version": "2.12.0.450"
            },
            {
              "status": "affected",
              "version": "2.13.0.198"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.\r\n\r The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "External Control of File Name or Path",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:27.496Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-fxos-arbitrary-file-BLk6YupL",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL"
        }
      ],
      "source": {
        "advisory": "cisco-sa-fxos-arbitrary-file-BLk6YupL",
        "defects": [
          "CSCwb91812",
          "CSCwd35722",
          "CSCwd05772",
          "CSCwd35726"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20234",
    "datePublished": "2023-08-23T18:21:02.413Z",
    "dateReserved": "2022-10-27T18:47:50.369Z",
    "dateUpdated": "2024-08-02T09:05:35.918Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12277

Vulnerability from cvelistv5

Published

2017-11-02 16:00

Modified

2024-08-05 18:36

Severity ?

Summary

A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. The vulnerability is due to insufficient input validation of certain Smart Licensing configuration parameters. An authenticated attacker could exploit the vulnerability by configuring a malicious URL within the affected feature. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. This vulnerability affects the following Cisco Firepower Security products running FX-OS code trains 1.1.3, 1.1.4, and 2.0.1 (versions 2.1.1, 2.2.1, and 2.2.2 are not affected): Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance. Cisco Bug IDs: CSCvb86863.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/101661	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance

Version: Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:54.479Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "101661",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101661"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance"
            }
          ]
        }
      ],
      "datePublic": "2017-11-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. The vulnerability is due to insufficient input validation of certain Smart Licensing configuration parameters. An authenticated attacker could exploit the vulnerability by configuring a malicious URL within the affected feature. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. This vulnerability affects the following Cisco Firepower Security products running FX-OS code trains 1.1.3, 1.1.4, and 2.0.1 (versions 2.1.1, 2.2.1, and 2.2.2 are not affected): Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance. Cisco Bug IDs: CSCvb86863."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "101661",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101661"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12277",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. The vulnerability is due to insufficient input validation of certain Smart Licensing configuration parameters. An authenticated attacker could exploit the vulnerability by configuring a malicious URL within the affected feature. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. This vulnerability affects the following Cisco Firepower Security products running FX-OS code trains 1.1.3, 1.1.4, and 2.0.1 (versions 2.1.1, 2.2.1, and 2.2.2 are not affected): Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance. Cisco Bug IDs: CSCvb86863."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "101661",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101661"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12277",
    "datePublished": "2017-11-02T16:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-08-05T18:36:54.479Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to cisco - firepower_4110_next-generation_firewall

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

cve-2017-12243

Vulnerability from cvelistv5

cve-2023-20234

Vulnerability from cvelistv5

cve-2017-12277

Vulnerability from cvelistv5