Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-FTD-FILE-WRITE-SHVCMQVC
HistoryOct 27, 2021 - 4:00 p.m.

Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability

2021-10-2716:00:00
tools.cisco.com
20
cisco firepower threat defense
software
vulnerability
arbitrary data
system files
cli command
authentication
administrative privileges
software updates
advisory
security publication

EPSS

0

Percentile

5.1%

JSON

A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device.

This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc”]

This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773”].

Affected configurations

Vulners
Node
ciscofirepower_threat_defense_softwareMatch6.2
OR
ciscofirepower_threat_defense_softwareMatch6.6
OR
ciscofirepower_2100_firmwareMatchany
OR
ciscofirepower_management_center_1000_firmwareMatchany
OR
ciscoasa_5500-x_series_ips_ssp_softwareMatchany
OR
ciscoindustrial_security_appliances_3000_firmwareMatchany
OR
ciscofirepower_4100_next-generation_firewall_firmwareMatchany
OR
ciscounified_threat_defenseMatchany
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.4
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.8
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.13
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.16
OR
ciscofirepower_threat_defense_softwareMatch6.6.0
OR
ciscofirepower_threat_defense_softwareMatch6.6.0.1
OR
ciscofirepower_threat_defense_softwareMatch6.6.4
OR
ciscofirepower_threat_defense_softwareMatch2100_series
OR
ciscofirepower_threat_defense_softwareMatch1000_series
OR
ciscofirepower_threat_defense_softwareMatch5500-x_series_firewalls
OR
ciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
OR
ciscofirepower_threat_defense_softwareMatch4100_series
OR
ciscofirepower_threat_defense_softwareMatchany
OR
ciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
OR
ciscofirepower_threat_defense_softwareMatch2100_series
OR
ciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.16_when_installed_on_cisco_secure_firewall_threat_defense_virtual
OR
ciscofirepower_threat_defense_softwareMatch1000_series
OR
ciscofirepower_threat_defense_softwareMatch4100_series
OR
ciscofirepower_threat_defense_softwareMatch5500-x_series_firewalls
OR
ciscofirepower_threat_defense_softwareMatch5500-x_series_firewalls
VendorProductVersionCPE
ciscofirepower_threat_defense_software6.2cpe:2.3:a:cisco:firepower_threat_defense_software:6.2:*:*:*:*:*:*:*
ciscofirepower_threat_defense_software6.6cpe:2.3:a:cisco:firepower_threat_defense_software:6.6:*:*:*:*:*:*:*
ciscofirepower_2100_firmwareanycpe:2.3:o:cisco:firepower_2100_firmware:any:*:*:*:*:*:*:*
ciscofirepower_management_center_1000_firmwareanycpe:2.3:o:cisco:firepower_management_center_1000_firmware:any:*:*:*:*:*:*:*
ciscoasa_5500-x_series_ips_ssp_softwareanycpe:2.3:a:cisco:asa_5500-x_series_ips_ssp_software:any:*:*:*:*:*:*:*
ciscoindustrial_security_appliances_3000_firmwareanycpe:2.3:o:cisco:industrial_security_appliances_3000_firmware:any:*:*:*:*:*:*:*
ciscofirepower_4100_next-generation_firewall_firmwareanycpe:2.3:o:cisco:firepower_4100_next-generation_firewall_firmware:any:*:*:*:*:*:*:*
ciscounified_threat_defenseanycpe:2.3:a:cisco:unified_threat_defense:any:*:*:*:*:*:*:*
ciscofirepower_threat_defense_software6.2.3.4cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.4:*:*:*:*:*:*:*
ciscofirepower_threat_defense_software6.2.3.8cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.8:*:*:*:*:*:*:*
Rows per page:
1-10 of 221

Related

nvd 1
prion 1
nessus 1
cvelist 1
cve 1
nvd
nvd
CVE-2021-34761
2021-10-27 19:15:08
prion
prion
Input validation
2021-10-27 19:15:00
nessus
nessus
Cisco Firepower Threat Defense Software CLI Arbitrary File Write (cisco-sa-ftd-file-write-SHVcmQVc)
2021-11-03 00:00:00
cvelist
cvelist
CVE-2021-34761 Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability
2021-10-27 18:55:30
cve
cve
CVE-2021-34761
2021-10-27 19:15:08

EPSS

0

Percentile

5.1%

JSON
Related for CISCO-SA-FTD-FILE-WRITE-SHVCMQVC
nvd1prion1nessus1cvelist1cve1