Executive Summary

Summary
Title Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Smart Licensing Command Injection Vulnerability
Informations
Name cisco-sa-20171101-fpwr First vendor Publication 2017-11-01
Vendor Cisco Last vendor Modification 2017-11-01
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score 9 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges.

The vulnerability is due to insufficient input validation of certain Smart Licensing configuration parameters. An authenticated attacker could exploit the vulnerability by configuring a malicious URL within the affected feature. A successful exploit could allow the attacker to execute arbitrary commands with root privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr"]

BEGIN PGP SIGNATURE

iQKBBAEBAgBrBQJZ+fHdZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHnNQQ/+IN8smnbk8QbX7m0H hW60vHe5OmByXnjU0TGAPshpNNDPfKWVo4eJ5XtDwvva+Lmi14PjXpe603//25td +iOWElY3GW4YUQmzTqsHTk58EYyh7cgbRTd/B8UU3Vq+ghXVXBJ65QjIrAWHybeq EGzHAxU+RitfZGIUqeQ1BvdSaSrTxzOeXnRB1nQ+6PzD4bD9l6HZHxHrCokeLqYB 44MXdbHsvADMd3G82e8bVyDDxCyqkz7+T1k0+WHypEr2Btbw/qFXq97zy36BEk2Y Dx6s5OY69hugWSUMnSYBBexePU0EBqPPiroTHZSXYMBI9r/2GKix2FnEBIFgcCQB c01S1iFXK7bWiLQrU2R25q1Jdgxo3w+dY+I3bCCKvuALfI3uwv+7cNhe9EQj7+CC bd/Nrp+gMyf1UhNGtjvtvcz5qjMNyYQAU/a8O4hSkabzt2l1+Xdpn2LG36MyLvXR XeH+b4ABQwX/J6a3pBmJHt+sBKiasZLNdYNeTXXk9YCCic9yFFdllGKcDmMyywNr zalhiYuBaxoGqbqRcUroUWGKH3GKy6CC7/ItAu08gD3k3S3eoCGzbZ+hefy7KnSe 6XE3rFdoWvjrorJG4S3MI9T+uOZo5ehClu7VvP20ERGidqIk1UQOjdD6WIDULGxt jVdmbg+u338kKj5zzJM7u3cA4do= =WYPn END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-77 Improper Sanitization of Special Elements used in a Command ('Command Injection')
50 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 6

Snort® IPS/IDS

Date Description
2017-11-02 Cisco Firepower Smart Licensing command injection attempt
RuleID : 44724 - Revision : 1 - Type : SERVER-WEBAPP

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2017-11-21 17:24:15
  • Multiple Updates
2017-11-02 21:25:40
  • Multiple Updates
2017-11-01 21:22:48
  • First insertion