Lucene search

CiscoCVE-2019-12675

HistoryOct 02, 2019 - 7:15 p.m.

CVE-2019-12675

2019-10-0219:15:12

CWE-116

CWE-216

cisco

web.nvd.nist.gov

cisco

firepower

threat defense

ftd

software

vulnerabilities

cve-2019-12675

nvd

security

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

Percentile

5.1%

JSON

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

Affected configurations

Nvd

Node

ciscofirepower_threat_defenseRange<6.4.0.2

Node

ciscofirepower_9300_firmwareMatch-

AND

ciscofirepower_9300Match-

Node

ciscofirepower_4115_firmwareMatch-

AND

ciscofirepower_4115Match-

Node

ciscofirepower_4125_firmwareMatch-

AND

ciscofirepower_4125Match-

Node

ciscofirepower_4145_firmwareMatch-

AND

ciscofirepower_4145Match-

Node

ciscofirepower_4110_firmwareMatch-

AND

ciscofirepower_4110Match-

Node

ciscofirepower_4120_firmwareMatch-

AND

ciscofirepower_4120Match-

Node

ciscofirepower_4140_firmwareMatch-

AND

ciscofirepower_4140Match-

Node

ciscofirepower_4150_firmwareMatch-

AND

ciscofirepower_4150Match-

VendorProductVersionCPE
ciscofirepower_threat_defense*cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
ciscofirepower_9300_firmware-cpe:2.3:o:cisco:firepower_9300_firmware:-:*:*:*:*:*:*:*
ciscofirepower_9300-cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*
ciscofirepower_4115_firmware-cpe:2.3:o:cisco:firepower_4115_firmware:-:*:*:*:*:*:*:*
ciscofirepower_4115-cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*
ciscofirepower_4125_firmware-cpe:2.3:o:cisco:firepower_4125_firmware:-:*:*:*:*:*:*:*
ciscofirepower_4125-cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*
ciscofirepower_4145_firmware-cpe:2.3:o:cisco:firepower_4145_firmware:-:*:*:*:*:*:*:*
ciscofirepower_4145-cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*
ciscofirepower_4110_firmware-cpe:2.3:o:cisco:firepower_4110_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	firepower_threat_defense	*	cpe:2.3:a:cisco:firepower_threat_defense::::::::
cisco	firepower_9300_firmware	-	cpe:2.3:o:cisco:firepower_9300_firmware:-:::::::*
cisco	firepower_9300	-	cpe:2.3:h:cisco:firepower_9300:-:::::::*
cisco	firepower_4115_firmware	-	cpe:2.3:o:cisco:firepower_4115_firmware:-:::::::*
cisco	firepower_4115	-	cpe:2.3:h:cisco:firepower_4115:-:::::::*
cisco	firepower_4125_firmware	-	cpe:2.3:o:cisco:firepower_4125_firmware:-:::::::*
cisco	firepower_4125	-	cpe:2.3:h:cisco:firepower_4125:-:::::::*
cisco	firepower_4145_firmware	-	cpe:2.3:o:cisco:firepower_4145_firmware:-:::::::*
cisco	firepower_4145	-	cpe:2.3:h:cisco:firepower_4145:-:::::::*
cisco	firepower_4110_firmware	-	cpe:2.3:o:cisco:firepower_4110_firmware:-:::::::*

Rows per page:

1-10 of 171

CNA Affected

[
  {
    "product": "Cisco Firepower Threat Defense Software",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2019-12675