mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
68 lines
3.6 KiB
JSON
68 lines
3.6 KiB
JSON
{
|
|
"id": "CVE-2024-20275",
|
|
"sourceIdentifier": "psirt@cisco.com",
|
|
"published": "2024-10-23T17:15:15.237",
|
|
"lastModified": "2024-10-25T12:56:36.827",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system.\r\n\r\nThis vulnerability is due to insufficient validation of user data that is supplied through the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary operating system commands on the affected device. To exploit this vulnerability, an attacker would need valid credentials for a user account with at least the role of Network Administrator. In addition, the attacker would need to persuade a legitimate user to initiate a cluster backup on the affected device."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad en la funci\u00f3n de copia de seguridad de cl\u00faster del software Cisco Secure Firewall Management Center (FMC), anteriormente Firepower Management Center Software, podr\u00eda permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el sistema operativo subyacente. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los datos de usuario que se suministran a trav\u00e9s de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios del sistema operativo en el dispositivo afectado. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda credenciales v\u00e1lidas para una cuenta de usuario con al menos el rol de administrador de red. Adem\u00e1s, el atacante necesitar\u00eda persuadir a un usuario leg\u00edtimo para que inicie una copia de seguridad de cl\u00faster en el dispositivo afectado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "psirt@cisco.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
|
|
"baseScore": 6.1,
|
|
"baseSeverity": "MEDIUM",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "HIGH",
|
|
"userInteraction": "REQUIRED",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"exploitabilityScore": 0.9,
|
|
"impactScore": 5.2
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "psirt@cisco.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-78"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-g8AOKnDP",
|
|
"source": "psirt@cisco.com"
|
|
},
|
|
{
|
|
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
|
|
"source": "psirt@cisco.com"
|
|
},
|
|
{
|
|
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
|
|
"source": "psirt@cisco.com"
|
|
}
|
|
]
|
|
} |