A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters
Reporter | Title | Published | Views | Family All 13 |
---|---|---|---|---|
Packet Storm | Cisco ASA-X With FirePOWER Services Authenticated Command Injection | 5 Sep 202200:00 | – | packetstorm |
Prion | Design/Logic Flaw | 24 Jun 202216:15 | – | prion |
Metasploit | Cisco ASA-X with FirePOWER Services Authenticated Command Injection | 19 Aug 202219:29 | – | metasploit |
Cisco | Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability | 22 Jun 202216:00 | – | cisco |
Check Point Advisories | Cisco Firepower ASA Command Injection (CVE-2022-20828) | 7 Nov 202200:00 | – | checkpoint_advisories |
Vulnrichment | CVE-2022-20828 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability | 24 Jun 202215:25 | – | vulnrichment |
NVD | CVE-2022-20828 | 24 Jun 202216:15 | – | nvd |
0day.today | Cisco ASA-X With FirePOWER Services Authenticated Command Injection Exploit | 5 Sep 202200:00 | – | zdt |
Cvelist | CVE-2022-20828 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability | 24 Jun 202215:25 | – | cvelist |
Rapid7 Blog | Metasploit Weekly Wrap-Up | 9 Sep 202219:43 | – | rapid7blog |
[
{
"product": "Cisco FirePOWER Services Software for ASA",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo