History: Nov 15, 2022 - 9:15 p.m.

CVE-2022-20934

2022-11-15 21:15:33
CWE-78
CWE-77
web.nvd.nist.gov
cve-2022-20934
cisco
ftd
fxos
cli
vulnerability
input validation
operating system
root access

CVSS3: 6.7 Medium

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.0004 Low
Percentile: 5.2%

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root.

This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.

Affected configurations

NVD
Node: cisco firepower_threat_defense (entries joined by OR)
Range: 6.1.0 to 6.1.0.7
Range: 6.2.0 to 6.2.0.6
Range: 6.2.2 to 6.2.2.5
Range: 6.2.3 to 6.2.3.18
Range: 6.3.0 to 6.3.0.5
Range: 6.4.0 to 6.4.0.15
Range: 6.5.0 to 6.5.0.5
Range: 6.7.0 to 6.7.0.3
Range: 7.0.0 to 7.0.4
Match: 6.2.1, 6.6.0, 6.6.0.1, 6.6.1, 6.6.3, 6.6.4, 6.6.5, 6.6.5.1, 6.6.5.2, 6.6.7, 7.1.0.0, 7.1.0.1, 7.1.0.2, 7.2.0, 7.2.0.1
Node: cisco firepower_extensible_operating_system (entries joined by OR)
Match: 1.1.1.147, 1.1.1.160
Match: 1.1.2.51, 1.1.2.178
Match: 1.1.3.84, 1.1.3.86, 1.1.3.97
Match: 1.1.4.95, 1.1.4.117, 1.1.4.140, 1.1.4.169, 1.1.4.175, 1.1.4.178, 1.1.4.179
Match: 2.0.1.37, 2.0.1.68, 2.0.1.86, 2.0.1.135, 2.0.1.141, 2.0.1.144, 2.0.1.148, 2.0.1.149, 2.0.1.153, 2.0.1.159, 2.0.1.188, 2.0.1.201, 2.0.1.203, 2.0.1.204, 2.0.1.206
Match: 2.1.1.64, 2.1.1.73, 2.1.1.77, 2.1.1.83, 2.1.1.85, 2.1.1.86, 2.1.1.97, 2.1.1.106, 2.1.1.107, 2.1.1.113, 2.1.1.115, 2.1.1.116
Match: 2.2.1.63, 2.2.1.66, 2.2.1.70
Match: 2.2.2.17, 2.2.2.19, 2.2.2.24, 2.2.2.26, 2.2.2.28, 2.2.2.54, 2.2.2.60, 2.2.2.71, 2.2.2.83, 2.2.2.86, 2.2.2.91, 2.2.2.97, 2.2.2.101, 2.2.2.137, 2.2.2.148, 2.2.2.149
Match: 2.3.1.56, 2.3.1.58, 2.3.1.66, 2.3.1.73, 2.3.1.75, 2.3.1.88, 2.3.1.91, 2.3.1.93, 2.3.1.99, 2.3.1.110, 2.3.1.111, 2.3.1.130, 2.3.1.144, 2.3.1.145, 2.3.1.155, 2.3.1.166, 2.3.1.173, 2.3.1.179, 2.3.1.180, 2.3.1.190, 2.3.1.215, 2.3.1.216, 2.3.1.219
Match: 2.4.1.101, 2.4.1.214, 2.4.1.222, 2.4.1.234, 2.4.1.238, 2.4.1.244, 2.4.1.249, 2.4.1.252, 2.4.1.266, 2.4.1.268, 2.4.1.273
Match: 2.6.1.131, 2.6.1.157, 2.6.1.166, 2.6.1.169, 2.6.1.174, 2.6.1.187, 2.6.1.192, 2.6.1.204, 2.6.1.214, 2.6.1.224, 2.6.1.229, 2.6.1.230, 2.6.1.238, 2.6.1.239, 2.6.1.254
Match: 2.7.1.92, 2.7.1.98, 2.7.1.106, 2.7.1.122, 2.7.1.131, 2.7.1.143
Match: 2.8.1.105, 2.8.1.125, 2.8.1.139, 2.8.1.143, 2.8.1.152, 2.8.1.162, 2.8.1.164, 2.8.1.172
Match: 2.9.1.131, 2.9.1.135, 2.9.1.143, 2.9.1.150, 2.9.1.158
Match: 2.10.1.159, 2.10.1.166, 2.10.1.179
Match: 2.11.1.154

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Threat Defense Software",
    "versions": [
      {
        "version": "6.2.3",
        "status": "affected"
      },
      {
        "version": "6.2.3.1",
        "status": "affected"
      },
      {
        "version": "6.2.3.2",
        "status": "affected"
      },
      {
        "version": "6.2.3.3",
        "status": "affected"
      },
      {
        "version": "6.2.3.4",
        "status": "affected"
      },
      {
        "version": "6.2.3.5",
        "status": "affected"
      },
      {
        "version": "6.2.3.6",
        "status": "affected"
      },
      {
        "version": "6.2.3.7",
        "status": "affected"
      },
      {
        "version": "6.2.3.8",
        "status": "affected"
      },
      {
        "version": "6.2.3.10",
        "status": "affected"
      },
      {
        "version": "6.2.3.11",
        "status": "affected"
      },
      {
        "version": "6.2.3.9",
        "status": "affected"
      },
      {
        "version": "6.2.3.12",
        "status": "affected"
      },
      {
        "version": "6.2.3.13",
        "status": "affected"
      },
      {
        "version": "6.2.3.14",
        "status": "affected"
      },
      {
        "version": "6.2.3.15",
        "status": "affected"
      },
      {
        "version": "6.2.3.16",
        "status": "affected"
      },
      {
        "version": "6.2.3.17",
        "status": "affected"
      },
      {
        "version": "6.2.3.18",
        "status": "affected"
      },
      {
        "version": "6.6.0",
        "status": "affected"
      },
      {
        "version": "6.6.0.1",
        "status": "affected"
      },
      {
        "version": "6.6.1",
        "status": "affected"
      },
      {
        "version": "6.6.3",
        "status": "affected"
      },
      {
        "version": "6.6.4",
        "status": "affected"
      },
      {
        "version": "6.6.5",
        "status": "affected"
      },
      {
        "version": "6.6.5.1",
        "status": "affected"
      },
      {
        "version": "6.6.5.2",
        "status": "affected"
      },
      {
        "version": "6.6.7",
        "status": "affected"
      },
      {
        "version": "6.4.0",
        "status": "affected"
      },
      {
        "version": "6.4.0.1",
        "status": "affected"
      },
      {
        "version": "6.4.0.3",
        "status": "affected"
      },
      {
        "version": "6.4.0.2",
        "status": "affected"
      },
      {
        "version": "6.4.0.4",
        "status": "affected"
      },
      {
        "version": "6.4.0.5",
        "status": "affected"
      },
      {
        "version": "6.4.0.6",
        "status": "affected"
      },
      {
        "version": "6.4.0.7",
        "status": "affected"
      },
      {
        "version": "6.4.0.8",
        "status": "affected"
      },
      {
        "version": "6.4.0.9",
        "status": "affected"
      },
      {
        "version": "6.4.0.10",
        "status": "affected"
      },
      {
        "version": "6.4.0.11",
        "status": "affected"
      },
      {
        "version": "6.4.0.12",
        "status": "affected"
      },
      {
        "version": "6.4.0.13",
        "status": "affected"
      },
      {
        "version": "6.4.0.14",
        "status": "affected"
      },
      {
        "version": "6.4.0.15",
        "status": "affected"
      },
      {
        "version": "6.7.0",
        "status": "affected"
      },
      {
        "version": "6.7.0.1",
        "status": "affected"
      },
      {
        "version": "6.7.0.2",
        "status": "affected"
      },
      {
        "version": "6.7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.0",
        "status": "affected"
      },
      {
        "version": "7.0.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1.1",
        "status": "affected"
      },
      {
        "version": "7.0.2",
        "status": "affected"
      },
      {
        "version": "7.0.2.1",
        "status": "affected"
      },
      {
        "version": "7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.4",
        "status": "affected"
      },
      {
        "version": "7.1.0",
        "status": "affected"
      },
      {
        "version": "7.1.0.1",
        "status": "affected"
      },
      {
        "version": "7.1.0.2",
        "status": "affected"
      },
      {
        "version": "7.2.0",
        "status": "affected"
      },
      {
        "version": "7.2.0.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Extensible Operating System (FXOS)",
    "versions": [
      {
        "version": "2.2.1.63",
        "status": "affected"
      },
      {
        "version": "2.2.1.66",
        "status": "affected"
      },
      {
        "version": "2.2.1.70",
        "status": "affected"
      },
      {
        "version": "2.2.2.17",
        "status": "affected"
      },
      {
        "version": "2.2.2.19",
        "status": "affected"
      },
      {
        "version": "2.2.2.24",
        "status": "affected"
      },
      {
        "version": "2.2.2.26",
        "status": "affected"
      },
      {
        "version": "2.2.2.28",
        "status": "affected"
      },
      {
        "version": "2.2.2.54",
        "status": "affected"
      },
      {
        "version": "2.2.2.60",
        "status": "affected"
      },
      {
        "version": "2.2.2.71",
        "status": "affected"
      },
      {
        "version": "2.2.2.83",
        "status": "affected"
      },
      {
        "version": "2.2.2.86",
        "status": "affected"
      },
      {
        "version": "2.2.2.91",
        "status": "affected"
      },
      {
        "version": "2.2.2.97",
        "status": "affected"
      },
      {
        "version": "2.2.2.101",
        "status": "affected"
      },
      {
        "version": "2.2.2.137",
        "status": "affected"
      },
      {
        "version": "2.2.2.148",
        "status": "affected"
      },
      {
        "version": "2.2.2.149",
        "status": "affected"
      },
      {
        "version": "2.3.1.99",
        "status": "affected"
      },
      {
        "version": "2.3.1.93",
        "status": "affected"
      },
      {
        "version": "2.3.1.91",
        "status": "affected"
      },
      {
        "version": "2.3.1.88",
        "status": "affected"
      },
      {
        "version": "2.3.1.75",
        "status": "affected"
      },
      {
        "version": "2.3.1.73",
        "status": "affected"
      },
      {
        "version": "2.3.1.66",
        "status": "affected"
      },
      {
        "version": "2.3.1.58",
        "status": "affected"
      },
      {
        "version": "2.3.1.130",
        "status": "affected"
      },
      {
        "version": "2.3.1.111",
        "status": "affected"
      },
      {
        "version": "2.3.1.110",
        "status": "affected"
      },
      {
        "version": "2.3.1.144",
        "status": "affected"
      },
      {
        "version": "2.3.1.145",
        "status": "affected"
      },
      {
        "version": "2.3.1.155",
        "status": "affected"
      },
      {
        "version": "2.3.1.166",
        "status": "affected"
      },
      {
        "version": "2.3.1.173",
        "status": "affected"
      },
      {
        "version": "2.3.1.179",
        "status": "affected"
      },
      {
        "version": "2.3.1.180",
        "status": "affected"
      },
      {
        "version": "2.3.1.56",
        "status": "affected"
      },
      {
        "version": "2.3.1.190",
        "status": "affected"
      },
      {
        "version": "2.3.1.215",
        "status": "affected"
      },
      {
        "version": "2.3.1.216",
        "status": "affected"
      },
      {
        "version": "2.3.1.219",
        "status": "affected"
      },
      {
        "version": "2.6.1.131",
        "status": "affected"
      },
      {
        "version": "2.6.1.157",
        "status": "affected"
      },
      {
        "version": "2.6.1.166",
        "status": "affected"
      },
      {
        "version": "2.6.1.169",
        "status": "affected"
      },
      {
        "version": "2.6.1.174",
        "status": "affected"
      },
      {
        "version": "2.6.1.187",
        "status": "affected"
      },
      {
        "version": "2.6.1.192",
        "status": "affected"
      },
      {
        "version": "2.6.1.204",
        "status": "affected"
      },
      {
        "version": "2.6.1.214",
        "status": "affected"
      },
      {
        "version": "2.6.1.224",
        "status": "affected"
      },
      {
        "version": "2.6.1.229",
        "status": "affected"
      },
      {
        "version": "2.6.1.230",
        "status": "affected"
      },
      {
        "version": "2.6.1.238",
        "status": "affected"
      },
      {
        "version": "2.6.1.239",
        "status": "affected"
      },
      {
        "version": "2.6.1.254",
        "status": "affected"
      },
      {
        "version": "2.8.1.105",
        "status": "affected"
      },
      {
        "version": "2.8.1.125",
        "status": "affected"
      },
      {
        "version": "2.8.1.139",
        "status": "affected"
      },
      {
        "version": "2.8.1.143",
        "status": "affected"
      },
      {
        "version": "2.8.1.152",
        "status": "affected"
      },
      {
        "version": "2.8.1.162",
        "status": "affected"
      },
      {
        "version": "2.8.1.164",
        "status": "affected"
      },
      {
        "version": "2.8.1.172",
        "status": "affected"
      },
      {
        "version": "2.9.1.131",
        "status": "affected"
      },
      {
        "version": "2.9.1.135",
        "status": "affected"
      },
      {
        "version": "2.9.1.143",
        "status": "affected"
      },
      {
        "version": "2.9.1.150",
        "status": "affected"
      },
      {
        "version": "2.9.1.158",
        "status": "affected"
      },
      {
        "version": "2.10.1.159",
        "status": "affected"
      },
      {
        "version": "2.10.1.166",
        "status": "affected"
      },
      {
        "version": "2.10.1.179",
        "status": "affected"
      },
      {
        "version": "2.11.1.154",
        "status": "affected"
      }
    ]
  }
]
