CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2019-12675 – Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-12675
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc • CWE-116: Improper Encoding or Escaping of Output CWE-216: DEPRECATED: Containment Errors (Container Errors) •
CVSS: 8.2EPSS: 0%CPEs: 17EXPL: 0CVE-2019-12674 – Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-12674
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc • CWE-116: Improper Encoding or Escaping of Output CWE-216: DEPRECATED: Containment Errors (Container Errors) •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 0CVE-2019-12673 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12673
A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. Una vulnerabilidad en el motor de inspección FTP del Software Cisco Adaptive Security (ASA) y el Software Cisco Firepower Threat Defense (FTD), podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.7EPSS: 0%CPEs: 184EXPL: 0CVE-2019-1963 – Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1963
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. Una vulnerabilidad en el procesador de paquetes de entrada del Protocolo simple de administración de redes (SNMP) del software Cisco FXOS y del software Cisco NX-OS podría permitir que un atacante remoto autenticado haga que la aplicación SNMP en un dispositivo afectado se reinicie inesperadamente. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0CVE-2019-12627 – Cisco Firepower Threat Defense Software Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-12627
A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data. Una vulnerabilidad en la configuración de la política de aplicación del software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado obtenga acceso de lectura no autorizado a datos confidenciales. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-frpwr-td-info • CWE-284: Improper Access Control •