First published: Wed Oct 02 2019(Updated: )
The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a specific CLI command that includes crafted arguments. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-cmdinj
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco FTD Software | >=Earlier than 6.1.0=6.1.0=6.2.0=6.2.1=6.2.2=6.2.3<=6.3.0<6.3.0.5 (end of October 2019) | 6.3.0.5 (end of October 2019) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.