Lucene search
CiscoCISCO-SA-20191002-FXOS-CMD-INJECTHistoryOct 02, 2019 - 4:00 p.m.
Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities
2019-10-0216:00:00
tools.cisco.com
146
0.0004 Low
EPSS
Percentile
5.2%
Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges.
These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject”]
Affected configurations
Node
ciscofirepower_extensible_operating_systemMatch2.0
ORciscofirepower_extensible_operating_systemMatch2.1
ORciscofirepower_extensible_operating_systemMatch1.1
ORciscofirepower_extensible_operating_systemMatch2.2
ORciscofirepower_extensible_operating_systemMatch2.3
ORciscofirepower_threat_defense_softwareMatchany
ORciscofirepower_extensible_operating_systemMatch2.0.1.68
ORciscofirepower_extensible_operating_systemMatch2.0.1.201
ORciscofirepower_extensible_operating_systemMatch2.0.1.86
ORciscofirepower_extensible_operating_systemMatch2.0.1.37
ORciscofirepower_extensible_operating_systemMatch2.0.1.135
ORciscofirepower_extensible_operating_systemMatch2.0.1.141
ORciscofirepower_extensible_operating_systemMatch2.0.1.144
ORciscofirepower_extensible_operating_systemMatch2.0.1.148
ORciscofirepower_extensible_operating_systemMatch2.0.1.149
ORciscofirepower_extensible_operating_systemMatch2.0.1.153
ORciscofirepower_extensible_operating_systemMatch2.0.1.159
ORciscofirepower_extensible_operating_systemMatch2.0.1.188
ORciscofirepower_extensible_operating_systemMatch2.0.1.203
ORciscofirepower_extensible_operating_systemMatch2.0.1.204
ORciscofirepower_extensible_operating_systemMatch2.1.1.64
ORciscofirepower_extensible_operating_systemMatch2.1.1.73
ORciscofirepower_extensible_operating_systemMatch2.1.1.77
ORciscofirepower_extensible_operating_systemMatch2.1.1.83
ORciscofirepower_extensible_operating_systemMatch2.1.1.85
ORciscofirepower_extensible_operating_systemMatch2.1.1.86
ORciscofirepower_extensible_operating_systemMatch2.1.1.97
ORciscofirepower_extensible_operating_systemMatch2.1.1.106
ORciscofirepower_extensible_operating_systemMatch2.1.1.107
ORciscofirepower_extensible_operating_systemMatch2.1.1.113
ORciscofirepower_extensible_operating_systemMatch2.1.1.115
ORciscofirepower_extensible_operating_systemMatch2.1.1.116
ORciscofirepower_extensible_operating_systemMatch1.1.1.147
ORciscofirepower_extensible_operating_systemMatch1.1.1.160
ORciscofirepower_extensible_operating_systemMatch1.1.2.51
ORciscofirepower_extensible_operating_systemMatch1.1.2.178
ORciscofirepower_extensible_operating_systemMatch1.1.3.84
ORciscofirepower_extensible_operating_systemMatch1.1.3.86
ORciscofirepower_extensible_operating_systemMatch1.1.3.97
ORciscofirepower_extensible_operating_systemMatch1.1.4.95
ORciscofirepower_extensible_operating_systemMatch1.1.4.117
ORciscofirepower_extensible_operating_systemMatch1.1.4.169
ORciscofirepower_extensible_operating_systemMatch1.1.4.175
ORciscofirepower_extensible_operating_systemMatch1.1.4.178
ORciscofirepower_extensible_operating_systemMatch1.1.4.179
ORciscofirepower_extensible_operating_systemMatch2.2.1.63
ORciscofirepower_extensible_operating_systemMatch2.2.1.66
ORciscofirepower_extensible_operating_systemMatch2.2.1.70
ORciscofirepower_extensible_operating_systemMatch2.2.2.17
ORciscofirepower_extensible_operating_systemMatch2.2.2.19
ORciscofirepower_extensible_operating_systemMatch2.2.2.24
ORciscofirepower_extensible_operating_systemMatch2.2.2.26
ORciscofirepower_extensible_operating_systemMatch2.2.2.28
ORciscofirepower_extensible_operating_systemMatch2.2.2.54
ORciscofirepower_extensible_operating_systemMatch2.2.2.60
ORciscofirepower_extensible_operating_systemMatch2.2.2.71
ORciscofirepower_extensible_operating_systemMatch2.2.2.83
ORciscofirepower_extensible_operating_systemMatch2.2.2.86
ORciscofirepower_extensible_operating_systemMatch2.3.1.99
ORciscofirepower_extensible_operating_systemMatch2.3.1.93
ORciscofirepower_extensible_operating_systemMatch2.3.1.91
ORciscofirepower_extensible_operating_systemMatch2.3.1.88
ORciscofirepower_extensible_operating_systemMatch2.3.1.75
ORciscofirepower_extensible_operating_systemMatch2.3.1.73
ORciscofirepower_extensible_operating_systemMatch2.3.1.66
ORciscofirepower_extensible_operating_systemMatch2.3.1.58
ORciscofirepower_extensible_operating_systemMatch2.3.1.111
ORciscofirepower_extensible_operating_systemMatch2.3.1.110
ORciscofirepower_threat_defense_softwareMatch1000/2100 Series
Related
nessus
nessus
Cisco FTD Software Command Injection (cisco-sa-20191002-fxos-cmd-inject)
2020-04-10 00:00:00
Cisco FXOS Software Command Injection (cisco-sa-20191002-fxos-cmd-inject)
2020-04-10 00:00:00
cve
cve
CVE-2019-12699
2019-10-02 19:15:13
prion
prion
Input validation
2019-10-02 19:15:00
cvelist
cvelist
nvd
nvd
CVE-2019-12699
2019-10-02 19:15:13