QID 317173
Date Published: 2022-05-04
QID 317173: Cisco Firepower Threat Defense (FTD) Software Web Services Interface Privilege Escalation Vulnerability (cisco-sa-asaftd-mgmt-privesc-BMFMUvye)
A vulnerability in the web services interface for remote access VPN features of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15.
Affected Products:
Cisco products are affected if they are running a vulnerable release of Cisco Firepower Threat Defense (FTD) Software and at least one of the following conditions is true:
- HTTPS Management Access and IKEv2 Client Services are both enabled on at least one (not necessarily the same) interface
- HTTPS Management Access and WebVPN are both enabled on at least one (not necessarily the same) interface
Vulnerable Versions:
- Earlier than 6.4.0.15 (May 2022)
- From 6.5.0 prior to 6.6.5.2
- From 6.7.0 prior to Cisco_FTD_Hotfix_AA-6.7.0.4-2.sh.REL.tar
- From 7.0.0 prior to 7.0.2 (May 2022)
- From 7.1.0 prior to 7.1.0.1
Note: This is a potential detection, as the check cannot confirm that HTTPS Management Access and WebVPN are both enabled on at least one (not necessarily the same) interface.
QID Detection Logic (Authenticated):
The check matches the Cisco FTD OS version retrieved via Unix authentication using the "version" command.
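The following is an added example, not Qualys' detection code, that reproduces the affected-version logic of this QID as a version-range check over a constructed "version" output line; the sample output, the helper names and the hotfix-tracking parameter are assumptions.

```python
# Added example (not the QID's own detection code): evaluate the vulnerable
# version ranges listed above against a version string taken from "version" output.
import re

# Constructed sample of a "version" output line (not a real device capture).
SAMPLE_OUTPUT = "Model : Cisco Firepower 2110 Threat Defense (77) Version 7.0.1 (Build 84)"

# Hotfix name exactly as listed in the QID; the 6.7 train is fixed by this
# hotfix rather than by a version number, so it is handled separately.
HOTFIX_6_7 = "Cisco_FTD_Hotfix_AA-6.7.0.4-2.sh.REL.tar"

# (lower bound inclusive, fixed version exclusive), as stated on the page.
AFFECTED_RANGES = [
    ((0, 0, 0, 0), (6, 4, 0, 15)),   # earlier than 6.4.0.15
    ((6, 5, 0, 0), (6, 6, 5, 2)),    # 6.5.0 up to, not including, 6.6.5.2
    ((7, 0, 0, 0), (7, 0, 2, 0)),    # 7.0.0 up to, not including, 7.0.2
    ((7, 1, 0, 0), (7, 1, 0, 1)),    # 7.1.0 up to, not including, 7.1.0.1
]


def parse_version(text):
    """Turn '7.0.1' into a 4-tuple of ints so tuples compare numerically."""
    parts = [int(p) for p in re.findall(r"\d+", text)]
    return tuple((parts + [0, 0, 0, 0])[:4])


def version_from_output(output):
    """Extract the dotted FTD version from a 'version' output line."""
    match = re.search(r"Version\s+(\d+(?:\.\d+)+)", output)
    return match.group(1) if match else None


def is_affected(version, installed_hotfixes=()):
    """True if the version falls in a range the QID lists as vulnerable.

    installed_hotfixes is an assumed input: names of applied hotfix packages,
    used only to resolve the 6.7 train, whose fix is a hotfix, not a release.
    """
    v = parse_version(version)
    if (6, 7, 0, 0) <= v < (7, 0, 0, 0):
        return HOTFIX_6_7 not in installed_hotfixes
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


if __name__ == "__main__":
    found = version_from_output(SAMPLE_OUTPUT)
    print(found, "affected" if is_affected(found) else "not affected")
```

Like the QID itself, this only reasons about the version; whether HTTPS Management Access and WebVPN or IKEv2 Client Services are actually enabled must be confirmed separately.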
A successful exploit could allow the attacker to gain privilege level 15 access to the web management interface of the device.
Customers are advised to refer to cisco-sa-asaftd-mgmt-privesc-BMFMUvye for more information.
- cisco-sa-asaftd-mgmt-privesc-BMFMUvye - tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye
CVEs related to QID 317173:
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-asaftd-mgmt-privesc-BMFMUvye | Cisco Firepower Threat Defense (FTD) Software | Web Services Interface | tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye |