Remote Command Injection Vulnerability in Cisco Firepower Devices
CVE-2017-12277
Key Information:
- Vendor: Cisco
- CVE Published: 2 November 2017
What is CVE-2017-12277?
A significant vulnerability has been identified in the Smart Licensing Manager service of Cisco's Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance. This issue stems from inadequate input validation on certain Smart Licensing configuration parameters, allowing an authenticated remote attacker to inject and execute arbitrary commands with root privileges. By configuring a malicious URL within the affected service, an attacker may exploit this vulnerability. This incomplete validation creates a high risk for systems running specific FX-OS code versions. Mitigation strategies should be employed promptly to address this vulnerability and secure affected devices.
Affected Version(s)
Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance