Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability
Vulnerability Description
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and issuing a specific CLI command with crafted user input. A successful exploit could allow the attacker to overwrite arbitrary files on the file system of the affected device. The attacker would need valid user credentials on the device.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
对外部实体的文件或目录可访问
Vulnerability Title
Cisco Firepower Threat Defense 安全漏洞
Vulnerability Description
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco Firepower Threat Defense 存在安全漏洞,该漏洞源于命令行存在漏洞,通过使用目录遍历技术,认证的本地攻击者可利用该漏洞可以覆盖受影响设备文件系统上的文件。
CVSS Information
N/A
Vulnerability Type
N/A