OpenCVE

Vendors	Products
Cisco	Firepower Threat Defense

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection

{"containers": {"cna": {"affected": [{"product": "Cisco FireSIGHT System Software", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-10-03T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-264", "description": "CWE-264", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-10-05T13:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20181003 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"}], "source": {"advisory": "cisco-sa-20181003-fp-cmd-injection", "defect": [["CSCvg46466"]], "discovery": "UNKNOWN"}, "title": "Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2018-10-03T16:00:00-0500", "ID": "CVE-2018-0453", "STATE": "PUBLIC", "TITLE": "Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco FireSIGHT System Software", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC."}]}, "impact": {"cvss": {"baseScore": "8.2", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-264"}]}]}, "references": {"reference_data": [{"name": "20181003 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"}]}, "source": {"advisory": "cisco-sa-20181003-fp-cmd-injection", "defect": [["CSCvg46466"]], "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:28:10.620Z"}, "title": "CVE Program Container", "references": [{"name": "20181003 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0453", "datePublished": "2018-10-05T14:00:00Z", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-09-16T23:05:30.564Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:5.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D850EEF9-1967-4CE5-A30C-50180849BCAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E1AC6A67-82EF-4D31-AFCB-499A0C6EC0F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "995667FD-35F1-49E5-96DB-2FDFF5E0B523", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "61FB47CF-2A6A-4121-BFF7-5862E163B8E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "42496A5B-1644-4088-BBCF-2ED810A5694B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC."}, {"lang": "es", "value": "Una vulnerabilidad en el protocolo de canal de control de t\u00fanel de Sourcefire en Cisco Firepower System Software que se ejecuta en los sensores Firepower Threat Defense (FTD) de Cisco podr\u00eda permitir que un atacante local autenticado ejecute comandos CLI espec\u00edficos con privilegios root en Cisco Firepower Management Center (FMC), o a trav\u00e9s de Cisco FMC en otros sensores y dispositivos Firepower que est\u00e9n controlados por el mismo FMC. Para enviar los comandos, el atacante debe tener privilegios root para al menos un sensor afectado o el FMC de Cisco. La vulnerabilidad existe porque el software afectado realiza comprobaciones insuficientes para determinados comandos CLI, si los comandos se ejecutan a trav\u00e9s de una conexi\u00f3n de t\u00fanel de Sourcefire. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose con privilegios root en un sensor Firepower o en un FMC de Cisco y, a continuaci\u00f3n, enviando comandos CLI espec\u00edficos al FMC de Cisco o, a trav\u00e9s del FMC de Cisco, a otro sensor Firepower a trav\u00e9s de la conexi\u00f3n del t\u00fanel Sourcefire. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante modificar las configuraciones del dispositivo o eliminar archivos en el dispositivo que est\u00e1 ejecutando Cisco FMC Software o en cualquier dispositivo Firepower que est\u00e9 gestionado por Cisco FMC."}], "id": "CVE-2018-0453", "lastModified": "2024-11-21T03:38:15.773", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.5, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-05T14:29:03.340", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object