Lucene search

CiscoCVE-2020-3457

HistoryOct 21, 2020 - 7:15 p.m.

CVE-2020-3457

2020-10-2119:15:16

CWE-78

cisco

web.nvd.nist.gov

cisco

fxos software

vulnerability

authenticated

local attacker

command injection

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

High

EPSS

Percentile

5.2%

JSON

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

Affected configurations

Nvd

Node

ciscofirepower_extensible_operating_systemRange2.4–2.4.1.266

ciscofirepower_extensible_operating_systemRange2.6–2.6.1.204

ciscofirepower_extensible_operating_systemRange2.7–2.7.1.131

ciscofirepower_extensible_operating_systemRange2.8–2.8.1.125

AND

ciscofirepower_4110Match-

ciscofirepower_4112Match-

ciscofirepower_4115Match-

ciscofirepower_4120Match-

ciscofirepower_4125Match-

ciscofirepower_4140Match-

ciscofirepower_4145Match-

ciscofirepower_4150Match-

ciscofirepower_9300_sm-24Match-

ciscofirepower_9300_sm-36Match-

ciscofirepower_9300_sm-40Match-

ciscofirepower_9300_sm-44Match-

ciscofirepower_9300_sm-44_x_3Match-

ciscofirepower_9300_sm-48Match-

ciscofirepower_9300_sm-56Match-

ciscofirepower_9300_sm-56_x_3Match-

Node

ciscoadaptive_security_appliance_softwareRange9.8–9.8.4.29

ciscoadaptive_security_appliance_softwareRange9.9–9.9.2.80

ciscoadaptive_security_appliance_softwareRange9.10–9.10.1.40

ciscoadaptive_security_appliance_softwareRange9.12–9.12.4.3

ciscoadaptive_security_appliance_softwareRange9.13–9.13.1.13

AND

ciscofirepower_1000Match-

ciscofirepower_1010Match-

ciscofirepower_1120Match-

ciscofirepower_1140Match-

ciscofirepower_1150Match-

ciscofirepower_2100Match-

ciscofirepower_2110Match-

ciscofirepower_2120Match-

ciscofirepower_2130Match-

ciscofirepower_2140Match-

Node

ciscofirepower_threat_defenseRange6.2.2–6.3.0.6

ciscofirepower_threat_defenseRange6.4.0–6.4.0.9

ciscofirepower_threat_defenseRange6.5.0–6.5.0.5

AND

ciscofirepower_1000Match-

ciscofirepower_1010Match-

ciscofirepower_1120Match-

ciscofirepower_1140Match-

ciscofirepower_1150Match-

ciscofirepower_2100Match-

ciscofirepower_2110Match-

ciscofirepower_2120Match-

ciscofirepower_2130Match-

ciscofirepower_2140Match-

VendorProductVersionCPE
ciscofirepower_extensible_operating_system*cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*
ciscofirepower_4110-cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*
ciscofirepower_4112-cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*
ciscofirepower_4115-cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*
ciscofirepower_4120-cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*
ciscofirepower_4125-cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*
ciscofirepower_4140-cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*
ciscofirepower_4145-cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*
ciscofirepower_4150-cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*
ciscofirepower_9300_sm-24-cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	firepower_extensible_operating_system	*	cpe:2.3:o:cisco:firepower_extensible_operating_system::::::::
cisco	firepower_4110	-	cpe:2.3:h:cisco:firepower_4110:-:::::::*
cisco	firepower_4112	-	cpe:2.3:h:cisco:firepower_4112:-:::::::*
cisco	firepower_4115	-	cpe:2.3:h:cisco:firepower_4115:-:::::::*
cisco	firepower_4120	-	cpe:2.3:h:cisco:firepower_4120:-:::::::*
cisco	firepower_4125	-	cpe:2.3:h:cisco:firepower_4125:-:::::::*
cisco	firepower_4140	-	cpe:2.3:h:cisco:firepower_4140:-:::::::*
cisco	firepower_4145	-	cpe:2.3:h:cisco:firepower_4145:-:::::::*
cisco	firepower_4150	-	cpe:2.3:h:cisco:firepower_4150:-:::::::*
cisco	firepower_9300_sm-24	-	cpe:2.3:h:cisco:firepower_9300_sm-24:-:::::::*

Rows per page:

1-10 of 291

CNA Affected

[
  {
    "product": "Cisco Adaptive Security Appliance (ASA) Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

High

EPSS

Percentile

5.2%

JSON

Related for CVE-2020-3457