A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input in the web UI. A successful exploit could allow an attacker to execute arbitrary commands on the device with full root privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-10-02T19:06:45.492396Z
Updated: 2024-09-16T19:30:19.088Z
Reserved: 2019-06-04T00:00:00
Link: CVE-2019-12690
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-10-02T19:15:13.203
Modified: 2019-10-10T17:17:05.330
Link: CVE-2019-12690
Redhat
No data.