CVE-2021-1518 — Code Injection in Cisco Firepower Device Manager On-box

CWE-94 — Code Injection4 documents4 sources

Severity

8.8HIGHNVD

CNA6.3

EPSS

0.7%

top 28.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Device Manager On-box Cisco Firepower Threat Defense Software

Timeline

PublishedJul 22

Latest updateMay 24

Description

A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of user input on specific REST API commands. An attacker could exploit this vulnerability by sending a crafted HTTP request to the API subsystem of an affected device. A successful exploit could allow the attacker to execute ar…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDcisco/firepower_device_manager_on-box6.3.0 — 6.4.0+1

▶CVEListV5cisco/cisco_firepower_threat_defense_softwaren/a

Patches

Patch: tools.cisco.com ↗Patch: tools.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-jrp9-wjr5-77p4: A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbit↗2022-05-24

▶

CVEList

Cisco Firepower Device Manager On-Box Software Remote Code Execution Vulnerability↗2021-07-22

▶

📋Vendor Advisories

Cisco

Cisco Firepower Device Manager On-Box Software Remote Code Execution Vulnerability↗2021-07-21

▶