Lucene search
HistoryNov 15, 2022 - 9:15 p.m.
CVE-2022-20934
cve-2022-20934
cisco
ftd
fxos
cli
vulnerability
input validation
operating system
root access
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.2%
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root.
This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.
Affected configurations
Node
ciscofirepower_threat_defenseRange6.1.0–6.1.0.7
ORciscofirepower_threat_defenseRange6.2.0–6.2.0.6
ORciscofirepower_threat_defenseRange6.2.2–6.2.2.5
ORciscofirepower_threat_defenseRange6.2.3–6.2.3.18
ORciscofirepower_threat_defenseRange6.3.0–6.3.0.5
ORciscofirepower_threat_defenseRange6.4.0–6.4.0.15
ORciscofirepower_threat_defenseRange6.5.0–6.5.0.5
ORciscofirepower_threat_defenseRange6.7.0–6.7.0.3
ORciscofirepower_threat_defenseRange7.0.0–7.0.4
ORciscofirepower_threat_defenseMatch6.2.1
ORciscofirepower_threat_defenseMatch6.6.0
ORciscofirepower_threat_defenseMatch6.6.0.1
ORciscofirepower_threat_defenseMatch6.6.1
ORciscofirepower_threat_defenseMatch6.6.3
ORciscofirepower_threat_defenseMatch6.6.4
ORciscofirepower_threat_defenseMatch6.6.5
ORciscofirepower_threat_defenseMatch6.6.5.1
ORciscofirepower_threat_defenseMatch6.6.5.2
ORciscofirepower_threat_defenseMatch6.6.7
ORciscofirepower_threat_defenseMatch7.1.0.0
ORciscofirepower_threat_defenseMatch7.1.0.1
ORciscofirepower_threat_defenseMatch7.1.0.2
ORciscofirepower_threat_defenseMatch7.2.0
ORciscofirepower_threat_defenseMatch7.2.0.1
Node
ciscofirepower_extensible_operating_systemMatch1.1.1.147
ORciscofirepower_extensible_operating_systemMatch1.1.1.160
ORciscofirepower_extensible_operating_systemMatch1.1.2.51
ORciscofirepower_extensible_operating_systemMatch1.1.2.178
ORciscofirepower_extensible_operating_systemMatch1.1.3.84
ORciscofirepower_extensible_operating_systemMatch1.1.3.86
ORciscofirepower_extensible_operating_systemMatch1.1.3.97
ORciscofirepower_extensible_operating_systemMatch1.1.4.95
ORciscofirepower_extensible_operating_systemMatch1.1.4.117
ORciscofirepower_extensible_operating_systemMatch1.1.4.140
ORciscofirepower_extensible_operating_systemMatch1.1.4.169
ORciscofirepower_extensible_operating_systemMatch1.1.4.175
ORciscofirepower_extensible_operating_systemMatch1.1.4.178
ORciscofirepower_extensible_operating_systemMatch1.1.4.179
ORciscofirepower_extensible_operating_systemMatch2.0.1.37
ORciscofirepower_extensible_operating_systemMatch2.0.1.68
ORciscofirepower_extensible_operating_systemMatch2.0.1.86
ORciscofirepower_extensible_operating_systemMatch2.0.1.135
ORciscofirepower_extensible_operating_systemMatch2.0.1.141
ORciscofirepower_extensible_operating_systemMatch2.0.1.144
ORciscofirepower_extensible_operating_systemMatch2.0.1.148
ORciscofirepower_extensible_operating_systemMatch2.0.1.149
ORciscofirepower_extensible_operating_systemMatch2.0.1.153
ORciscofirepower_extensible_operating_systemMatch2.0.1.159
ORciscofirepower_extensible_operating_systemMatch2.0.1.188
ORciscofirepower_extensible_operating_systemMatch2.0.1.201
ORciscofirepower_extensible_operating_systemMatch2.0.1.203
ORciscofirepower_extensible_operating_systemMatch2.0.1.204
ORciscofirepower_extensible_operating_systemMatch2.0.1.206
ORciscofirepower_extensible_operating_systemMatch2.1.1.64
ORciscofirepower_extensible_operating_systemMatch2.1.1.73
ORciscofirepower_extensible_operating_systemMatch2.1.1.77
ORciscofirepower_extensible_operating_systemMatch2.1.1.83
ORciscofirepower_extensible_operating_systemMatch2.1.1.85
ORciscofirepower_extensible_operating_systemMatch2.1.1.86
ORciscofirepower_extensible_operating_systemMatch2.1.1.97
ORciscofirepower_extensible_operating_systemMatch2.1.1.106
ORciscofirepower_extensible_operating_systemMatch2.1.1.107
ORciscofirepower_extensible_operating_systemMatch2.1.1.113
ORciscofirepower_extensible_operating_systemMatch2.1.1.115
ORciscofirepower_extensible_operating_systemMatch2.1.1.116
ORciscofirepower_extensible_operating_systemMatch2.2.1.63
ORciscofirepower_extensible_operating_systemMatch2.2.1.66
ORciscofirepower_extensible_operating_systemMatch2.2.1.70
ORciscofirepower_extensible_operating_systemMatch2.2.2.17
ORciscofirepower_extensible_operating_systemMatch2.2.2.19
ORciscofirepower_extensible_operating_systemMatch2.2.2.24
ORciscofirepower_extensible_operating_systemMatch2.2.2.26
ORciscofirepower_extensible_operating_systemMatch2.2.2.28
ORciscofirepower_extensible_operating_systemMatch2.2.2.54
ORciscofirepower_extensible_operating_systemMatch2.2.2.60
ORciscofirepower_extensible_operating_systemMatch2.2.2.71
ORciscofirepower_extensible_operating_systemMatch2.2.2.83
ORciscofirepower_extensible_operating_systemMatch2.2.2.86
ORciscofirepower_extensible_operating_systemMatch2.2.2.91
ORciscofirepower_extensible_operating_systemMatch2.2.2.97
ORciscofirepower_extensible_operating_systemMatch2.2.2.101
ORciscofirepower_extensible_operating_systemMatch2.2.2.137
ORciscofirepower_extensible_operating_systemMatch2.2.2.148
ORciscofirepower_extensible_operating_systemMatch2.2.2.149
ORciscofirepower_extensible_operating_systemMatch2.3.1.56
ORciscofirepower_extensible_operating_systemMatch2.3.1.58
ORciscofirepower_extensible_operating_systemMatch2.3.1.66
ORciscofirepower_extensible_operating_systemMatch2.3.1.73
ORciscofirepower_extensible_operating_systemMatch2.3.1.75
ORciscofirepower_extensible_operating_systemMatch2.3.1.88
ORciscofirepower_extensible_operating_systemMatch2.3.1.91
ORciscofirepower_extensible_operating_systemMatch2.3.1.93
ORciscofirepower_extensible_operating_systemMatch2.3.1.99
ORciscofirepower_extensible_operating_systemMatch2.3.1.110
ORciscofirepower_extensible_operating_systemMatch2.3.1.111
ORciscofirepower_extensible_operating_systemMatch2.3.1.130
ORciscofirepower_extensible_operating_systemMatch2.3.1.144
ORciscofirepower_extensible_operating_systemMatch2.3.1.145
ORciscofirepower_extensible_operating_systemMatch2.3.1.155
ORciscofirepower_extensible_operating_systemMatch2.3.1.166
ORciscofirepower_extensible_operating_systemMatch2.3.1.173
ORciscofirepower_extensible_operating_systemMatch2.3.1.179
ORciscofirepower_extensible_operating_systemMatch2.3.1.180
ORciscofirepower_extensible_operating_systemMatch2.3.1.190
ORciscofirepower_extensible_operating_systemMatch2.3.1.215
ORciscofirepower_extensible_operating_systemMatch2.3.1.216
ORciscofirepower_extensible_operating_systemMatch2.3.1.219
ORciscofirepower_extensible_operating_systemMatch2.4.1.101
ORciscofirepower_extensible_operating_systemMatch2.4.1.214
ORciscofirepower_extensible_operating_systemMatch2.4.1.222
ORciscofirepower_extensible_operating_systemMatch2.4.1.234
ORciscofirepower_extensible_operating_systemMatch2.4.1.238
ORciscofirepower_extensible_operating_systemMatch2.4.1.244
ORciscofirepower_extensible_operating_systemMatch2.4.1.249
ORciscofirepower_extensible_operating_systemMatch2.4.1.252
ORciscofirepower_extensible_operating_systemMatch2.4.1.266
ORciscofirepower_extensible_operating_systemMatch2.4.1.268
ORciscofirepower_extensible_operating_systemMatch2.4.1.273
ORciscofirepower_extensible_operating_systemMatch2.6.1.131
ORciscofirepower_extensible_operating_systemMatch2.6.1.157
ORciscofirepower_extensible_operating_systemMatch2.6.1.166
ORciscofirepower_extensible_operating_systemMatch2.6.1.169
ORciscofirepower_extensible_operating_systemMatch2.6.1.174
ORciscofirepower_extensible_operating_systemMatch2.6.1.187
ORciscofirepower_extensible_operating_systemMatch2.6.1.192
ORciscofirepower_extensible_operating_systemMatch2.6.1.204
ORciscofirepower_extensible_operating_systemMatch2.6.1.214
ORciscofirepower_extensible_operating_systemMatch2.6.1.224
ORciscofirepower_extensible_operating_systemMatch2.6.1.229
ORciscofirepower_extensible_operating_systemMatch2.6.1.230
ORciscofirepower_extensible_operating_systemMatch2.6.1.238
ORciscofirepower_extensible_operating_systemMatch2.6.1.239
ORciscofirepower_extensible_operating_systemMatch2.6.1.254
ORciscofirepower_extensible_operating_systemMatch2.7.1.92
ORciscofirepower_extensible_operating_systemMatch2.7.1.98
ORciscofirepower_extensible_operating_systemMatch2.7.1.106
ORciscofirepower_extensible_operating_systemMatch2.7.1.122
ORciscofirepower_extensible_operating_systemMatch2.7.1.131
ORciscofirepower_extensible_operating_systemMatch2.7.1.143
ORciscofirepower_extensible_operating_systemMatch2.8.1.105
ORciscofirepower_extensible_operating_systemMatch2.8.1.125
ORciscofirepower_extensible_operating_systemMatch2.8.1.139
ORciscofirepower_extensible_operating_systemMatch2.8.1.143
ORciscofirepower_extensible_operating_systemMatch2.8.1.152
ORciscofirepower_extensible_operating_systemMatch2.8.1.162
ORciscofirepower_extensible_operating_systemMatch2.8.1.164
ORciscofirepower_extensible_operating_systemMatch2.8.1.172
ORciscofirepower_extensible_operating_systemMatch2.9.1.131
ORciscofirepower_extensible_operating_systemMatch2.9.1.135
ORciscofirepower_extensible_operating_systemMatch2.9.1.143
ORciscofirepower_extensible_operating_systemMatch2.9.1.150
ORciscofirepower_extensible_operating_systemMatch2.9.1.158
ORciscofirepower_extensible_operating_systemMatch2.10.1.159
ORciscofirepower_extensible_operating_systemMatch2.10.1.166
ORciscofirepower_extensible_operating_systemMatch2.10.1.179
ORciscofirepower_extensible_operating_systemMatch2.11.1.154
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco Firepower Threat Defense Software",
"versions": [
{
"version": "6.2.3",
"status": "affected"
},
{
"version": "6.2.3.1",
"status": "affected"
},
{
"version": "6.2.3.2",
"status": "affected"
},
{
"version": "6.2.3.3",
"status": "affected"
},
{
"version": "6.2.3.4",
"status": "affected"
},
{
"version": "6.2.3.5",
"status": "affected"
},
{
"version": "6.2.3.6",
"status": "affected"
},
{
"version": "6.2.3.7",
"status": "affected"
},
{
"version": "6.2.3.8",
"status": "affected"
},
{
"version": "6.2.3.10",
"status": "affected"
},
{
"version": "6.2.3.11",
"status": "affected"
},
{
"version": "6.2.3.9",
"status": "affected"
},
{
"version": "6.2.3.12",
"status": "affected"
},
{
"version": "6.2.3.13",
"status": "affected"
},
{
"version": "6.2.3.14",
"status": "affected"
},
{
"version": "6.2.3.15",
"status": "affected"
},
{
"version": "6.2.3.16",
"status": "affected"
},
{
"version": "6.2.3.17",
"status": "affected"
},
{
"version": "6.2.3.18",
"status": "affected"
},
{
"version": "6.6.0",
"status": "affected"
},
{
"version": "6.6.0.1",
"status": "affected"
},
{
"version": "6.6.1",
"status": "affected"
},
{
"version": "6.6.3",
"status": "affected"
},
{
"version": "6.6.4",
"status": "affected"
},
{
"version": "6.6.5",
"status": "affected"
},
{
"version": "6.6.5.1",
"status": "affected"
},
{
"version": "6.6.5.2",
"status": "affected"
},
{
"version": "6.6.7",
"status": "affected"
},
{
"version": "6.4.0",
"status": "affected"
},
{
"version": "6.4.0.1",
"status": "affected"
},
{
"version": "6.4.0.3",
"status": "affected"
},
{
"version": "6.4.0.2",
"status": "affected"
},
{
"version": "6.4.0.4",
"status": "affected"
},
{
"version": "6.4.0.5",
"status": "affected"
},
{
"version": "6.4.0.6",
"status": "affected"
},
{
"version": "6.4.0.7",
"status": "affected"
},
{
"version": "6.4.0.8",
"status": "affected"
},
{
"version": "6.4.0.9",
"status": "affected"
},
{
"version": "6.4.0.10",
"status": "affected"
},
{
"version": "6.4.0.11",
"status": "affected"
},
{
"version": "6.4.0.12",
"status": "affected"
},
{
"version": "6.4.0.13",
"status": "affected"
},
{
"version": "6.4.0.14",
"status": "affected"
},
{
"version": "6.4.0.15",
"status": "affected"
},
{
"version": "6.7.0",
"status": "affected"
},
{
"version": "6.7.0.1",
"status": "affected"
},
{
"version": "6.7.0.2",
"status": "affected"
},
{
"version": "6.7.0.3",
"status": "affected"
},
{
"version": "7.0.0",
"status": "affected"
},
{
"version": "7.0.0.1",
"status": "affected"
},
{
"version": "7.0.1",
"status": "affected"
},
{
"version": "7.0.1.1",
"status": "affected"
},
{
"version": "7.0.2",
"status": "affected"
},
{
"version": "7.0.2.1",
"status": "affected"
},
{
"version": "7.0.3",
"status": "affected"
},
{
"version": "7.0.4",
"status": "affected"
},
{
"version": "7.1.0",
"status": "affected"
},
{
"version": "7.1.0.1",
"status": "affected"
},
{
"version": "7.1.0.2",
"status": "affected"
},
{
"version": "7.2.0",
"status": "affected"
},
{
"version": "7.2.0.1",
"status": "affected"
}
]
},
{
"vendor": "Cisco",
"product": "Cisco Firepower Extensible Operating System (FXOS)",
"versions": [
{
"version": "2.2.1.63",
"status": "affected"
},
{
"version": "2.2.1.66",
"status": "affected"
},
{
"version": "2.2.1.70",
"status": "affected"
},
{
"version": "2.2.2.17",
"status": "affected"
},
{
"version": "2.2.2.19",
"status": "affected"
},
{
"version": "2.2.2.24",
"status": "affected"
},
{
"version": "2.2.2.26",
"status": "affected"
},
{
"version": "2.2.2.28",
"status": "affected"
},
{
"version": "2.2.2.54",
"status": "affected"
},
{
"version": "2.2.2.60",
"status": "affected"
},
{
"version": "2.2.2.71",
"status": "affected"
},
{
"version": "2.2.2.83",
"status": "affected"
},
{
"version": "2.2.2.86",
"status": "affected"
},
{
"version": "2.2.2.91",
"status": "affected"
},
{
"version": "2.2.2.97",
"status": "affected"
},
{
"version": "2.2.2.101",
"status": "affected"
},
{
"version": "2.2.2.137",
"status": "affected"
},
{
"version": "2.2.2.148",
"status": "affected"
},
{
"version": "2.2.2.149",
"status": "affected"
},
{
"version": "2.3.1.99",
"status": "affected"
},
{
"version": "2.3.1.93",
"status": "affected"
},
{
"version": "2.3.1.91",
"status": "affected"
},
{
"version": "2.3.1.88",
"status": "affected"
},
{
"version": "2.3.1.75",
"status": "affected"
},
{
"version": "2.3.1.73",
"status": "affected"
},
{
"version": "2.3.1.66",
"status": "affected"
},
{
"version": "2.3.1.58",
"status": "affected"
},
{
"version": "2.3.1.130",
"status": "affected"
},
{
"version": "2.3.1.111",
"status": "affected"
},
{
"version": "2.3.1.110",
"status": "affected"
},
{
"version": "2.3.1.144",
"status": "affected"
},
{
"version": "2.3.1.145",
"status": "affected"
},
{
"version": "2.3.1.155",
"status": "affected"
},
{
"version": "2.3.1.166",
"status": "affected"
},
{
"version": "2.3.1.173",
"status": "affected"
},
{
"version": "2.3.1.179",
"status": "affected"
},
{
"version": "2.3.1.180",
"status": "affected"
},
{
"version": "2.3.1.56",
"status": "affected"
},
{
"version": "2.3.1.190",
"status": "affected"
},
{
"version": "2.3.1.215",
"status": "affected"
},
{
"version": "2.3.1.216",
"status": "affected"
},
{
"version": "2.3.1.219",
"status": "affected"
},
{
"version": "2.6.1.131",
"status": "affected"
},
{
"version": "2.6.1.157",
"status": "affected"
},
{
"version": "2.6.1.166",
"status": "affected"
},
{
"version": "2.6.1.169",
"status": "affected"
},
{
"version": "2.6.1.174",
"status": "affected"
},
{
"version": "2.6.1.187",
"status": "affected"
},
{
"version": "2.6.1.192",
"status": "affected"
},
{
"version": "2.6.1.204",
"status": "affected"
},
{
"version": "2.6.1.214",
"status": "affected"
},
{
"version": "2.6.1.224",
"status": "affected"
},
{
"version": "2.6.1.229",
"status": "affected"
},
{
"version": "2.6.1.230",
"status": "affected"
},
{
"version": "2.6.1.238",
"status": "affected"
},
{
"version": "2.6.1.239",
"status": "affected"
},
{
"version": "2.6.1.254",
"status": "affected"
},
{
"version": "2.8.1.105",
"status": "affected"
},
{
"version": "2.8.1.125",
"status": "affected"
},
{
"version": "2.8.1.139",
"status": "affected"
},
{
"version": "2.8.1.143",
"status": "affected"
},
{
"version": "2.8.1.152",
"status": "affected"
},
{
"version": "2.8.1.162",
"status": "affected"
},
{
"version": "2.8.1.164",
"status": "affected"
},
{
"version": "2.8.1.172",
"status": "affected"
},
{
"version": "2.9.1.131",
"status": "affected"
},
{
"version": "2.9.1.135",
"status": "affected"
},
{
"version": "2.9.1.143",
"status": "affected"
},
{
"version": "2.9.1.150",
"status": "affected"
},
{
"version": "2.9.1.158",
"status": "affected"
},
{
"version": "2.10.1.159",
"status": "affected"
},
{
"version": "2.10.1.166",
"status": "affected"
},
{
"version": "2.10.1.179",
"status": "affected"
},
{
"version": "2.11.1.154",
"status": "affected"
}
]
}
]Social References
More
Related
nessus
nessus
cisco
cisco
prion
prion
Input validation
2022-11-15 21:15:00
cvelist
cvelist
CVE-2022-20934
2022-11-10 17:34:14
nvd
nvd
CVE-2022-20934
2022-11-15 21:15:33
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2022-20934