CVE-2019-12699
published 2019-10-02CVE-2019-12699: Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_firepower_extensible_operating_system | >= unspecified < n/a | n/a |
| cisco | firepower_9300_firmware | — | — |
| cisco | firepower_9300_firmware | — | — |
| cisco | firepower_9300_firmware | — | — |
| cisco | firepower_9300_firmware | — | — |
| cisco | firepower_extensible_operating_system | >= 2.0 < 2.2.2.101 | 2.2.2.101 |
| cisco | firepower_extensible_operating_system | >= 2.3 < 2.3.1.155 | 2.3.1.155 |
| cisco | firepower_extensible_operating_system | >= 2.4 < 2.4.1.238 | 2.4.1.238 |
| cisco | firepower_threat_defense | <= 6.1.0 | — |
| cisco | firepower_threat_defense | >= 6.2.0 < 6.2.3.14 | 6.2.3.14 |
| cisco | firepower_threat_defense | >= 6.3.0 < 6.3.0.3 | 6.3.0.3 |
| cisco | fxos | — | — |