{"containers": {"cna": {"affected": [{"product": "Cisco Firepower Management Center", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-10-21T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-10-21T18:35:20", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"}], "source": {"advisory": "cisco-sa-ftdfmc-dirtrav-NW8XcuSB", "defect": [["CSCvp56744"]], "discovery": "INTERNAL"}, "title": "Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-10-21T16:00:00", "ID": "CVE-2020-3550", "STATE": "PUBLIC", "TITLE": "Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Firepower Management Center", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "8.1", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22"}]}]}, "references": {"reference_data": [{"name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"}]}, "source": {"advisory": "cisco-sa-ftdfmc-dirtrav-NW8XcuSB", "defect": [["CSCvp56744"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:37:55.239Z"}, "title": "CVE Program Container", "references": [{"name": "20201021 Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3550", "datePublished": "2020-10-21T18:35:20.388990Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-09-17T03:13:44.645Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "F74A789B-7017-4BA0-B57F-BADA67D3F2FB", "versionEndIncluding": "6.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "7E57B5EF-7DB7-49B0-8883-2ABB1384DE4F", "versionEndExcluding": "6.3.0.6", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "10FCBC75-2799-4F5E-B210-0B6976AC9E0C", "versionEndExcluding": "6.4.0.10", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9641FE9B-BC9F-472F-B53B-F4287EE2F17A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1895BC03-A0B4-4AE8-8EB5-DAFC913E4B2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD83F585-B278-44C6-92AE-5B1CF434B17D", "versionEndIncluding": "6.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2", "versionEndExcluding": "6.3.0.6", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7", "versionEndExcluding": "6.4.0.10", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device."}, {"lang": "es", "value": "Una vulnerabilidad en el demonio sfmgr de Cisco Firepower Management Center (FMC) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto autenticado llevar a cabo un salto de directorio y acceder a directorios fuera de la ruta restringida. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el uso de una ruta relativa en comandos sfmgr espec\u00edficos. Una explotaci\u00f3n podr\u00eda permitir a un atacante leer o escribir archivos arbitrarios en un dispositivo peer conectado a sftunnel"}], "id": "CVE-2020-3550", "lastModified": "2020-10-30T13:29:20.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-10-21T19:15:17.217", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}