CVE-2018-0453
Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC.
Una vulnerabilidad en el protocolo de canal de control de túnel de Sourcefire en Cisco Firepower System Software que se ejecuta en los sensores Firepower Threat Defense (FTD) de Cisco podría permitir que un atacante local autenticado ejecute comandos CLI específicos con privilegios root en Cisco Firepower Management Center (FMC), o a través de Cisco FMC en otros sensores y dispositivos Firepower que estén controlados por el mismo FMC. Para enviar los comandos, el atacante debe tener privilegios root para al menos un sensor afectado o el FMC de Cisco. La vulnerabilidad existe porque el software afectado realiza comprobaciones insuficientes para determinados comandos CLI, si los comandos se ejecutan a través de una conexión de túnel de Sourcefire. Un atacante podría explotar esta vulnerabilidad autenticándose con privilegios root en un sensor Firepower o en un FMC de Cisco y, a continuación, enviando comandos CLI específicos al FMC de Cisco o, a través del FMC de Cisco, a otro sensor Firepower a través de la conexión del túnel Sourcefire. Su explotación con éxito podría permitir al atacante modificar las configuraciones del dispositivo o eliminar archivos en el dispositivo que está ejecutando Cisco FMC Software o en cualquier dispositivo Firepower que esté gestionado por Cisco FMC.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-27 CVE Reserved
- 2018-10-05 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 5.4.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "5.4.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.0.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.0.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.0.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.1.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.1.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.2.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.2.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.2.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.2" | - |
Affected
|