Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
27 Oct 2022, 16:44
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-78 |
28 Oct 2021, 15:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.11:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.11:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* |
|
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-20 |
27 Oct 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory. |
27 Oct 2021, 19:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-10-27 19:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-34755
Mitre link : CVE-2021-34755
CVE.ORG link : CVE-2021-34755
JSON object : View
Products Affected
cisco
- firepower_threat_defense
- firepower_management_center_virtual_appliance
- sourcefire_defense_center