CVE-2019-12699

{"id": "CVE-2019-12699", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.0}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2019-10-02T19:15:13.733", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en la CLI del Software Cisco FXOS y del Software Cisco Firepower Threat Defense (FTD), podr\u00edan permitir a un atacante local autenticado ejecutar comandos en el sistema operativo (SO) subyacente con privilegios de root. Estas vulnerabilidades son debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar estas vulnerabilidades mediante la incorporaci\u00f3n de argumentos dise\u00f1ados en comandos espec\u00edficos de la CLI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos sobre el sistema operativo subyacente con privilegios de root."}], "lastModified": "2023-04-20T15:27:48.130", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(1.214\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "161C90D0-2257-48B6-A77F-D3BDBE129B04"}, {"criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(1.216\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92DD9BE2-301F-4773-8028-CFE376E775FC"}, {"criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(2.54\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFA20FE6-2364-43C9-BCD4-720159BD08B5"}, {"criteria": "cpe:2.3:o:cisco:firepower_9300_firmware:r241:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9204F1F-5094-40F5-88C2-A709E599FFE8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC5F3455-0918-4F29-987F-376FF74F8CE0", "versionEndIncluding": "6.1.0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C50547D-4EEE-40B2-80F3-DC0059DF5B27", "versionEndExcluding": "6.2.3.14", "versionStartIncluding": "6.2.0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659", "versionEndExcluding": "6.3.0.3", "versionStartIncluding": "6.3.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2"}, {"criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E80B3246-5C14-4F5E-B105-DA354CE54E99", "versionEndExcluding": "2.2.2.101", "versionStartIncluding": "2.0"}, {"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D69E67A-C3CE-4714-9DFF-6D4FAD4FA3BB", "versionEndExcluding": "2.3.1.155", "versionStartIncluding": "2.3"}, {"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "205AC1E3-B978-45B9-A6C2-FDCC7EBB73D4", "versionEndExcluding": "2.4.1.238", "versionStartIncluding": "2.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B"}, {"criteria": "cpe:2.3:h:cisco:firepower_9300:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C5F3E15A-5407-4C25-97AF-7E53173C6892"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}