Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability
|
System information
|
|
|
Affected software |
Cisco |
Description
|
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20CLI%20Arbitrary%20File%20Write%20Vulnerability&vs_k=1 |
Standar resources
|
Property |
Value |
CVE |
CVE-2021-34761. |