mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
639 lines
34 KiB
JSON
639 lines
34 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2022-20934",
|
|
"ASSIGNER": "psirt@cisco.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root.\r\n\r This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
|
|
"cweId": "CWE-77"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Cisco",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Cisco Firepower Threat Defense Software",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.5"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.6"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.7"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.8"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.10"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.11"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.9"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.12"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.13"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.14"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.15"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.16"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.17"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.2.3.18"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.5"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.5.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.5.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.6.7"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.5"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.6"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.7"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.8"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.9"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.10"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.11"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.12"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.13"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.14"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.4.0.15"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.7.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.7.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.7.0.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.7.0.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.0.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.0.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.0.1.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.0.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.0.2.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.0.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.0.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.1.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.1.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.1.0.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.2.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7.2.0.1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "Cisco Firepower Extensible Operating System (FXOS)",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.1.63"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.1.66"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.1.70"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.17"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.19"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.24"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.26"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.28"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.54"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.60"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.71"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.83"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.86"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.91"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.97"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.101"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.137"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.148"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2.2.149"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.99"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.93"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.91"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.88"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.75"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.73"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.66"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.58"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.130"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.111"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.110"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.144"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.145"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.155"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.166"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.173"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.179"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.180"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.56"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.190"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.215"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.216"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3.1.219"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.131"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.157"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.166"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.169"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.174"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.187"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.192"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.204"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.214"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.224"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.229"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.230"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.238"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.239"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6.1.254"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8.1.105"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8.1.125"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8.1.139"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8.1.143"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8.1.152"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8.1.162"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8.1.164"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8.1.172"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.9.1.131"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.9.1.135"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.9.1.143"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.9.1.150"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.9.1.158"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.10.1.159"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.10.1.166"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.10.1.179"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.11.1.154"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK",
|
|
"refsource": "MISC",
|
|
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK"
|
|
}
|
|
]
|
|
},
|
|
"source": {
|
|
"advisory": "cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK",
|
|
"discovery": "INTERNAL",
|
|
"defects": [
|
|
"CSCwb41854",
|
|
"CSCwc02133"
|
|
]
|
|
},
|
|
"exploit": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
|
|
"baseScore": 6,
|
|
"baseSeverity": "MEDIUM",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "HIGH",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "NONE"
|
|
}
|
|
]
|
|
}
|
|
} |