CVE-2019-12674
Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.
Múltiples vulnerabilidades en la funcionalidad de múltiples instancias del Software Cisco Firepower Threat Defense (FTD), podrían permitir a un atacante local autenticado escapar del contenedor para su instancia FTD y ejecutar comandos con privilegios de root en el espacio de nombres del host. Estas vulnerabilidades son debido a protecciones insuficientes en el sistema de archivos subyacente. Un atacante podría explotar estas vulnerabilidades mediante la modificación de archivos críticos en el sistema de archivos subyacente. Una explotación con éxito podría permitir al atacante ejecutar comandos con privilegios de root dentro del espacio de nombres del host. Esto podría permitir al atacante afectar otras instancias de FTD en ejecución.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-06-04 CVE Reserved
- 2019-10-02 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-116: Improper Encoding or Escaping of Output
- CWE-216: DEPRECATED: Containment Errors (Container Errors)
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Firepower 9300 Firmware Search vendor "Cisco" for product "Firepower 9300 Firmware" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 9300 Search vendor "Cisco" for product "Firepower 9300" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower 4115 Firmware Search vendor "Cisco" for product "Firepower 4115 Firmware" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 4115 Search vendor "Cisco" for product "Firepower 4115" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower 4125 Firmware Search vendor "Cisco" for product "Firepower 4125 Firmware" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 4125 Search vendor "Cisco" for product "Firepower 4125" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower 4145 Firmware Search vendor "Cisco" for product "Firepower 4145 Firmware" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 4145 Search vendor "Cisco" for product "Firepower 4145" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower 4110 Firmware Search vendor "Cisco" for product "Firepower 4110 Firmware" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 4110 Search vendor "Cisco" for product "Firepower 4110" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower 4120 Firmware Search vendor "Cisco" for product "Firepower 4120 Firmware" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 4120 Search vendor "Cisco" for product "Firepower 4120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower 4140 Firmware Search vendor "Cisco" for product "Firepower 4140 Firmware" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 4140 Search vendor "Cisco" for product "Firepower 4140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower 4150 Firmware Search vendor "Cisco" for product "Firepower 4150 Firmware" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 4150 Search vendor "Cisco" for product "Firepower 4150" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | < 6.4.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " < 6.4.0.2" | - |
Affected
|