Filtered by vendor Cisco Subscriptions
Filtered by product Firepower 4120 Subscriptions
Total 53 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-3459 1 Cisco 17 Firepower 4110, Firepower 4112, Firepower 4115 and 14 more 2020-10-30 7.8 High
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
CVE-2020-3455 1 Cisco 17 Firepower 4110, Firepower 4112, Firepower 4115 and 14 more 2020-10-28 7.8 High
A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.
CVE-2019-1782 1 Cisco 97 Firepower 4110, Firepower 4120, Firepower 4140 and 94 more 2020-10-16 6.7 Medium
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
CVE-2019-1781 1 Cisco 97 Firepower 4110, Firepower 4120, Firepower 4140 and 94 more 2020-10-16 6.7 Medium
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
CVE-2019-1690 1 Cisco 100 Application Policy Infrastructure Controller, Firepower 2110, Firepower 2120 and 97 more 2020-10-16 6.5 Medium
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
CVE-2019-12696 1 Cisco 23 Asa 5500-x, Firepower, Firepower 1010 and 20 more 2020-10-08 7.5 High
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2019-12697 1 Cisco 23 Asa 5500-x, Firepower, Firepower 1010 and 20 more 2020-10-08 7.5 High
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2020-3171 1 Cisco 21 Firepower 2110, Firepower 2120, Firepower 2130 and 18 more 2020-03-03 7.8 High
A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
CVE-2019-1963 1 Cisco 130 7000 10-slot, 7000 18-slot, 7000 4-slot and 127 more 2019-10-09 N/A
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
CVE-2019-12675 1 Cisco 17 Firepower 4110, Firepower 4110 Firmware, Firepower 4115 and 14 more 2019-10-09 8.8 High
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.
CVE-2019-12674 1 Cisco 17 Firepower 4110, Firepower 4110 Firmware, Firepower 4115 and 14 more 2019-10-09 8.2 High
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.
CVE-2018-0300 1 Cisco 6 Firepower 4110, Firepower 4120, Firepower 4140 and 3 more 2019-10-09 N/A
A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device. The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface (web UI). These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges. Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit. Cisco Bug IDs: CSCvc21901.
CVE-2019-1728 1 Cisco 40 Firepower 4110, Firepower 4115, Firepower 4120 and 37 more 2019-05-21 N/A
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.