Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Firepower Threat Defense Software Shell Access Vulnerability
Vulnerability Description
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Cisco Firepower Threat Defense 安全漏洞
Vulnerability Description
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco FTD 6.5.0之前版本中的support tunnel功能存在安全漏洞,该漏洞源于不正确的配置。攻击者可利用该漏洞在受影响的设备上以root用户访问权限运行任何系统命令。
CVSS Information
N/A
Vulnerability Type
N/A