Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
24 Oct 2022, 14:06
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-78 |
28 Oct 2021, 15:06
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.11:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.11:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-77 | |
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8 - Vendor Advisory |
27 Oct 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory. |
27 Oct 2021, 19:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-10-27 19:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-34756
Mitre link : CVE-2021-34756
CVE.ORG link : CVE-2021-34756
JSON object : View
Products Affected
cisco
- firepower_threat_defense
- firepower_management_center_virtual_appliance
- sourcefire_defense_center