CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2017-3806
https://notcve.org/view.php?id=CVE-2017-3806
03 Feb 2017 — A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101). Una vulnerabilidad en el procesamiento de comandos CLI en el Firewall de próxima generación Cisco Firepow... • http://www.securityfocus.com/bid/95943 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3822
https://notcve.org/view.php?id=CVE-2017-3822
03 Feb 2017 — A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANG... • http://www.securityfocus.com/bid/95944 • CWE-20: Improper Input Validation •