Posts for: #7.2.7

Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Command Injection Vulnerability

#7.2  #7.2.6  #7.2.7  #7.2.8  #7.2.8.1  #7.2.9  #7.4  #7.4.1  #7.4.1.1  #7.4.2  #7.4.2.1  #7.6  #7.6.0  #Cisco  #Cisco 3000 Series Industrial Security Appliances (ISA)  #Cisco Firepower 1000 Series 
🚨 SEVERITY: MEDIUM — CVSS 6.0 Security Advisory

TL;DR 📌

A command injection vulnerability has been identified in Cisco Secure Firewall Management Center (FMC) and Secure Firewall Threat Defense (FTD) Software. This medium-severity issue allows authenticated local attackers to execute arbitrary commands on the underlying operating system. Cisco has released software updates to address this vulnerability, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the command-line interface (CLI) of Cisco Secure Firewall Management Center (FMC) and Secure Firewall Threat Defense (FTD) Software has been discovered. This flaw arises from improper input validation for specific CLI commands, enabling an authenticated local attacker to inject operating system commands. If exploited, the attacker could escape the restricted command prompt and execute arbitrary commands as root on the underlying operating system. Successful exploitation requires valid Administrator credentials.

[]

Cisco Secure Firewall Management Center Software HTML Injection Vulnerability

#7  #7.0.6  #7.0.6.1  #7.0.6.2  #7.0.6.3  #7.2  #7.2.4  #7.2.4.1  #7.2.5  #7.2.5.1  #7.2.5.2  #7.2.6  #7.2.7  #7.2.8  #7.2.8.1  #7.2.9 
🚨 SEVERITY: HIGH — CVSS 8.5 Security Advisory

TL;DR 📌

A high-severity HTML injection vulnerability has been identified in the Cisco Secure Firewall Management Center (FMC) Software. This flaw allows authenticated remote attackers to inject arbitrary HTML content into device-generated documents, potentially leading to sensitive information exposure. Cisco has released updates to address this issue, but there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability arises from improper validation of user-supplied data. An attacker with valid credentials (at least Security Analyst role) could exploit this vulnerability to alter document layouts, read arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks.

[]

Cisco Secure Firewall Threat Defense Software Snort 3 Denial of Service Vulnerability

#7.1  #7.1.0  #7.1.0.1  #7.1.0.2  #7.1.0.3  #7.2  #7.2.0  #7.2.0.1  #7.2.1  #7.2.2  #7.2.3  #7.2.4  #7.2.4.1  #7.2.5  #7.2.5.1  #7.2.5.2 
🚨 SEVERITY: HIGH — CVSS 8.6 Security Advisory

TL;DR 📌

A high-severity denial of service (DoS) vulnerability has been identified in the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense Software. An unauthenticated remote attacker can exploit this issue, leading to potential service disruptions. Cisco has released software updates to address this vulnerability, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition on affected devices. This issue arises from incorrect processing of traffic being inspected, which can lead to an infinite loop during traffic inspection. Although the system watchdog will automatically restart the Snort process, the vulnerability poses a significant risk of service interruption.

[]