Cisco Firepower Device Manager Arbitrary Audit Log Entry Vulnerability

2017-02-0116:00:00

tools.cisco.com

EPSS

0.002

Percentile

53.0%

JSON

A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log.

The vulnerability is due to inadequate input validation. An attacker could exploit this vulnerability by entering crafted requests through the web UI. An exploit could allow the attacker to obfuscate the audit log by adding false entries.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2”]

Affected configurations

Vulners

Node

ciscofirepower_threat_defense_softwareMatch6.1

ciscofirepower_threat_defense_softwareMatch6.1.0

VendorProductVersionCPE
ciscofirepower_threat_defense_software6.1cpe:2.3:a:cisco:firepower_threat_defense_software:6.1:*:*:*:*:*:*:*
ciscofirepower_threat_defense_software6.1.0cpe:2.3:a:cisco:firepower_threat_defense_software:6.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	firepower_threat_defense_software	6.1	cpe:2.3:a:cisco:firepower_threat_defense_software:6.1:::::::*
cisco	firepower_threat_defense_software	6.1.0	cpe:2.3:a:cisco:firepower_threat_defense_software:6.1.0:::::::*

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2

EPSS

0.002

Percentile

53.0%

JSON

Related for CISCO-SA-20170201-FPW2