CVE-2017-3806

5.3MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Firepower 4100 Series Next-generation Firewall And Cisco Firepower 9300 Security Appliance 2.0(1.68)
Vendor: CVE Published:; 3 February 2017

Summary

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101).

Affected Version(s)

Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68) Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68)

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/95943

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 3, 2017
Vulnerability Reserved
Dec 21, 2016