Lucene search

[email protected]CVE-2021-34756

HistoryOct 27, 2021 - 7:15 p.m.

CVE-2021-34756

2021-10-2719:15:00

CWE-78

[email protected]

web.nvd.nist.gov

cisco

firepower

threat defense

ftd

software

vulnerabilities

cve-2021-34756

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

CPENameOperatorVersion
cisco:firepower_management_center_virtual_appliancecisco firepower management center virtual applianceeq6.1.0
cisco:firepower_management_center_virtual_appliancecisco firepower management center virtual applianceeq6.2.0
cisco:firepower_management_center_virtual_appliancecisco firepower management center virtual applianceeq6.2.3
cisco:sourcefire_defense_centercisco sourcefire defense centereq6.4.0
cisco:sourcefire_defense_centercisco sourcefire defense centereq6.5.0
cisco:sourcefire_defense_centercisco sourcefire defense centereq6.6.0
cisco:firepower_threat_defensecisco firepower threat defenselt7.0.1
cisco:firepower_threat_defensecisco firepower threat defenselt6.7.0.3
cisco:firepower_threat_defensecisco firepower threat defenselt6.4.0.13
cisco:firepower_management_center_virtual_appliancecisco firepower management center virtual applianceeq6.3.0

CPE	Name	Operator	Version
cisco:firepower_management_center_virtual_appliance	cisco firepower management center virtual appliance	eq	6.1.0
cisco:firepower_management_center_virtual_appliance	cisco firepower management center virtual appliance	eq	6.2.0
cisco:firepower_management_center_virtual_appliance	cisco firepower management center virtual appliance	eq	6.2.3
cisco:sourcefire_defense_center	cisco sourcefire defense center	eq	6.4.0
cisco:sourcefire_defense_center	cisco sourcefire defense center	eq	6.5.0
cisco:sourcefire_defense_center	cisco sourcefire defense center	eq	6.6.0
cisco:firepower_threat_defense	cisco firepower threat defense	lt	7.0.1
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.7.0.3
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.4.0.13
cisco:firepower_management_center_virtual_appliance	cisco firepower management center virtual appliance	eq	6.3.0

Rows per page:

1-10 of 281

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for CVE-2021-34756

prion1 nessus1 cisco1