CVE-2019-12699: Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities
First published: Wed Oct 02 2019(Updated: )
Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Firepower 9300 Firmware | =2.4\(1.214\) | |
| Cisco Firepower 9300 Firmware | =2.4\(1.216\) | |
| Cisco Firepower 9300 Firmware | =2.4\(2.54\) | |
| Cisco Firepower 9300 Firmware | =r241 | |
| Cisco Firepower 9300 | ||
| Cisco Firepower Threat Defense | <=6.1.0 | |
| Cisco Firepower Threat Defense | >=6.2.0<6.2.3.14 | |
| Cisco Firepower Threat Defense | >=6.3.0<6.3.0.3 | |
| Cisco Firepower 1000 | ||
| Cisco Firepower 2100 | ||
| Cisco Firepower Extensible Operating System | >=2.0<2.2.2.101 | |
| Cisco Firepower Extensible Operating System | >=2.3<2.3.1.155 | |
| Cisco Firepower Extensible Operating System | >=2.4<2.4.1.238 | |
| Cisco Firepower 4100 | ||
| Cisco Firepower 9300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-12699?
CVE-2019-12699 is a vulnerability in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software that could allow an authenticated, local attacker to execute commands on the underlying operating system with root privileges.
How severe is CVE-2019-12699?
CVE-2019-12699 has a severity rating of 7.8 (high).
How can an attacker exploit CVE-2019-12699?
An attacker can exploit CVE-2019-12699 by executing commands on the underlying operating system through the CLI.
What is the affected software for CVE-2019-12699?
The affected software for CVE-2019-12699 includes Cisco Firepower 9300 Firmware versions 2.4(1.214), 2.4(1.216), and 2.4(2.54), as well as Cisco Firepower Threat Defense versions up to 6.1.0, 6.2.0 up to 6.2.3.14, and 6.3.0 up to 6.3.0.3.
Is Cisco Firepower 9300 vulnerable to CVE-2019-12699?
No, Cisco Firepower 9300 is not vulnerable to CVE-2019-12699.
- collector/nvd-index
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/title
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/event
- vendor/cisco
- canonical/cisco firepower 9300 firmware
- version/cisco firepower 9300 firmware/2.4\(1.214\)
- version/cisco firepower 9300 firmware/2.4\(1.216\)
- version/cisco firepower 9300 firmware/2.4\(2.54\)
- version/cisco firepower 9300 firmware/r241
- canonical/cisco firepower 9300
- canonical/cisco firepower threat defense
- version/cisco firepower threat defense/6.1.0
- version/cisco firepower threat defense/6.2.0
- version/cisco firepower threat defense/6.3.0
- canonical/cisco firepower 1000
- canonical/cisco firepower 2100
- canonical/cisco firepower extensible operating system
- version/cisco firepower extensible operating system/2.0
- version/cisco firepower extensible operating system/2.3
- version/cisco firepower extensible operating system/2.4
- canonical/cisco firepower 4100