A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2022-05-03T03:16:23.220344Z
Updated: 2024-09-16T23:11:08.787Z
Reserved: 2021-11-02T00:00:00
Link: CVE-2022-20729
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-05-03T04:15:09.063
Modified: 2023-11-07T03:42:46.340
Link: CVE-2022-20729
Redhat
No data.