Cisco: CISCO-SA-20131009-CVE-2013-5506
Oct 09, 2013 - 4:14 p.m.

Cisco Firewall Services Module Command Authorization Vulnerability

2013-10-09 16:14:26
tools.cisco.com
CVSS2: 6.6 Medium
Attack Vector: LOCAL
Attack Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:L/AC:M/Au:S/C:C/I:C/A:C

EPSS: 0.0004 Low
Percentile: 5.1%

A vulnerability in the authorization code of the Cisco Firewall Services Module (FWSM) could allow an authenticated but unprivileged, local attacker to delete, modify, or view the configuration of any other context of the affected system.

The vulnerability is due to insufficient authorization safeguards for certain administrative commands in a user context when the affected system is configured for multiple context mode. An attacker could exploit this vulnerability by executing certain commands in any of the user contexts of the affected system.

Cisco has confirmed the vulnerability in a security advisory and released software updates.

Only an attacker who can log in locally to the affected device can exploit the vulnerability, which limits the potential sources of attack.

Affected configurations

Vulners node:
cisco firewall_services_module (match: any)
OR
cisco firewall_services_module (match: any)
