CVE-2021-1488
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS.
Una vulnerabilidad en el proceso de actualización del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD), podría permitir a un atacante autenticado local inyectar comandos que podrían ser ejecutados con privilegios root en el sistema operativo (SO) subyacente. Esta vulnerabilidad es debido a una comprobación insuficiente de entrada . Un atacante podría explotar esta vulnerabilidad al cargar un archivo de paquete de actualización diseñado a un dispositivo afectado. Una explotación con éxito podría permitir al atacante inyectar comandos que podrían ser ejecutados con privilegios root en el sistema operativo subyacente
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-11-13 CVE Reserved
- 2021-04-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|