Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-FTD-CMDINJECT-FMZSLN8-FTD-MULTI-INST.NASL
HistoryMay 13, 2022 - 12:00 a.m.

Cisco Firepower Threat Defense Software Command Injection Mutliple Vulnerabilities (cisco-sa-ftd-cmdinject-FmzsLN8)

2022-05-1300:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
JSON

Multiple vulnerabilities in the CLI of Cisco FTD Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode.

These vulnerabilities are due to insufficient validation of user-supplied command arguments. An attacker could exploit these vulnerabilities by submitting crafted input to the affected command.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(161179);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/18");

  script_cve_id("CVE-2021-34755", "CVE-2021-34756");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvx86283");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvy16559");
  script_xref(name:"CISCO-SA", value:"cisco-sa-ftd-cmdinject-FmzsLN8");
  script_xref(name:"IAVA", value:"2021-A-0508-S");

  script_name(english:"Cisco Firepower Threat Defense Software Command Injection Mutliple Vulnerabilities (cisco-sa-ftd-cmdinject-FmzsLN8)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
  script_set_attribute(attribute:"description", value:
"Multiple vulnerabilities in the CLI of Cisco FTD Software could allow an authenticated, local attacker to execute 
arbitrary commands with root privileges on the underlying operating system of an affected device that is running 
in multi-instance mode.

These vulnerabilities are due to insufficient validation of user-supplied command arguments. An attacker could exploit
 these vulnerabilities by submitting crafted input to the affected command.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported 
version number.");
  # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7d15f8c");
  script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74773");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx86283");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy16559");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCvx86283, CSCvy16559");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-34756");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20, 77);

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/10/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/10/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/05/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:firepower_threat_defense");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_asa_firepower_version.nasl", "cisco_enumerate_firepower.nbin");
  script_require_keys("Host/Cisco/Firepower", "installed_sw/Cisco Firepower Threat Defense");

  exit(0);
}

include('ccf.inc');

var product_info = cisco::get_product_info(name:'Cisco Firepower Threat Defense');

var vuln_ranges = [
  {'min_ver': '0.0', 'fix_ver': '6.4.0.13'},
  {'min_ver': '6.5.0', 'fix_ver': '6.6.5'},
  {'min_ver': '6.7.0', 'fix_ver': '6.7.0.3'},
  {'min_ver': '7.0.0', 'fix_ver': '7.0.1'}
];

var reporting = make_array(
  'port'    , 0,
  'severity', SECURITY_HOLE,
  'version' , product_info['version'],
  'bug_id'  , 'CSCvx86283, CSCvy16559'
);

if (report_paranoia < 2)
  audit(AUDIT_POTENTIAL_VULN, 'Cisco FTD');

cisco::check_and_report(
  product_info:product_info,
  reporting:reporting,
  vuln_ranges:vuln_ranges
);
VendorProductVersionCPE
ciscofirepower_threat_defensecpe:/a:cisco:firepower_threat_defense

Related

cisco 1
prion 2
cve 2
cisco
cisco
Cisco Firepower Threat Defense Software Command Injection Vulnerabilities
2021-10-27 16:00:00
prion
prion
Information disclosure
2021-10-27 19:15:00
Information disclosure
2021-10-27 19:15:00
cve
cve
CVE-2021-34755
2021-10-27 19:15:00
CVE-2021-34756
2021-10-27 19:15:00
JSON
Related for CISCO-SA-FTD-CMDINJECT-FMZSLN8-FTD-MULTI-INST.NASL
cisco1prion2cve2