Описание
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.
Уязвимые конфигурации
EPSS
6.7 Medium
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.
Уязвимость интерфейса командной строки микропрограммного обеспечения межсетевых экранов Cisco Firepower Threat Defense, позволяющая нарушителю выполнить произвольный код с привилегиями root
EPSS
6.7 Medium
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2