// For flags

CVE-2019-12674

Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities

Severity Score

8.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

Múltiples vulnerabilidades en la funcionalidad de múltiples instancias del Software Cisco Firepower Threat Defense (FTD), podrían permitir a un atacante local autenticado escapar del contenedor para su instancia FTD y ejecutar comandos con privilegios de root en el espacio de nombres del host. Estas vulnerabilidades son debido a protecciones insuficientes en el sistema de archivos subyacente. Un atacante podría explotar estas vulnerabilidades mediante la modificación de archivos críticos en el sistema de archivos subyacente. Una explotación con éxito podría permitir al atacante ejecutar comandos con privilegios de root dentro del espacio de nombres del host. Esto podría permitir al atacante afectar otras instancias de FTD en ejecución.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-06-04 CVE Reserved
  • 2019-10-02 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-116: Improper Encoding or Escaping of Output
  • CWE-216: DEPRECATED: Containment Errors (Container Errors)
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Firepower 9300 Firmware
Search vendor "Cisco" for product "Firepower 9300 Firmware"
--
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300
Search vendor "Cisco" for product "Firepower 9300"
--
Safe
Cisco
Search vendor "Cisco"
Firepower 4115 Firmware
Search vendor "Cisco" for product "Firepower 4115 Firmware"
--
Affected
in Cisco
Search vendor "Cisco"
Firepower 4115
Search vendor "Cisco" for product "Firepower 4115"
--
Safe
Cisco
Search vendor "Cisco"
Firepower 4125 Firmware
Search vendor "Cisco" for product "Firepower 4125 Firmware"
--
Affected
in Cisco
Search vendor "Cisco"
Firepower 4125
Search vendor "Cisco" for product "Firepower 4125"
--
Safe
Cisco
Search vendor "Cisco"
Firepower 4145 Firmware
Search vendor "Cisco" for product "Firepower 4145 Firmware"
--
Affected
in Cisco
Search vendor "Cisco"
Firepower 4145
Search vendor "Cisco" for product "Firepower 4145"
--
Safe
Cisco
Search vendor "Cisco"
Firepower 4110 Firmware
Search vendor "Cisco" for product "Firepower 4110 Firmware"
--
Affected
in Cisco
Search vendor "Cisco"
Firepower 4110
Search vendor "Cisco" for product "Firepower 4110"
--
Safe
Cisco
Search vendor "Cisco"
Firepower 4120 Firmware
Search vendor "Cisco" for product "Firepower 4120 Firmware"
--
Affected
in Cisco
Search vendor "Cisco"
Firepower 4120
Search vendor "Cisco" for product "Firepower 4120"
--
Safe
Cisco
Search vendor "Cisco"
Firepower 4140 Firmware
Search vendor "Cisco" for product "Firepower 4140 Firmware"
--
Affected
in Cisco
Search vendor "Cisco"
Firepower 4140
Search vendor "Cisco" for product "Firepower 4140"
--
Safe
Cisco
Search vendor "Cisco"
Firepower 4150 Firmware
Search vendor "Cisco" for product "Firepower 4150 Firmware"
--
Affected
in Cisco
Search vendor "Cisco"
Firepower 4150
Search vendor "Cisco" for product "Firepower 4150"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Threat Defense
Search vendor "Cisco" for product "Firepower Threat Defense"
< 6.4.0.2
Search vendor "Cisco" for product "Firepower Threat Defense" and version " < 6.4.0.2"
-
Affected