QID 317389
Date Published: 2023-11-09
QID 317389: Cisco Firepower Management Center (FMC) Software Code Injection Vulnerability (cisco-sa-ftd-fmc-code-inj-wSHrgz8L)
A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device.
Note: This vulnerability affects Cisco products if they are running a vulnerable release of Cisco FTD Software or Cisco FMC Software and they are configured to allow administrators to use expert mode. By default, expert mode is accessible to any administrator.
Affected Products
Cisco Firepower Management (FMC) :
From 6.2.3 prior to 7.0.6
From 7.1.0 prior to 7.2.4
QID Detection Logic (Authenticated):
This QID will check the version retrieved via Unix Auth using "show version" command.
A successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.
Customers are advised to refer to cisco-sa-ftd-fmc-code-inj-wSHrgz8L for more information.
- cisco-sa-ftd-fmc-code-inj-wSHrgz8L -
sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L
CVEs related to QID 317389
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-ftd-fmc-code-inj-wSHrgz8L |
sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L |