QID 317391
QID 317391: Cisco Firepower Threat Defense (FTD) Software Code Injection Vulnerability (cisco-sa-ftd-fmc-code-inj-wSHrgz8L)
A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device.
Affected Products
Cisco Firepower Threat Defense (FTD):
From 6.2.3 prior to 7.0.6
From 7.1.0 prior to 7.2.4
Note: This QID is not checking for expert mode status. Hence QID is kept as potential
QID Detection Logic (Authenticated):
This QID will check the version retrieved via Unix Auth using "show version" command.
A successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.
Customers are advised to refer to cisco-sa-ftd-fmc-code-inj-wSHrgz8L for more information.
- cisco-sa-ftd-fmc-code-inj-wSHrgz8L -
sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L
CVEs related to QID 317391
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-ftd-fmc-code-inj-wSHrgz8L |
sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L |