CVE-2021-1488
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS.
Una vulnerabilidad en el proceso de actualización del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD), podría permitir a un atacante autenticado local inyectar comandos que podrían ser ejecutados con privilegios root en el sistema operativo (SO) subyacente. Esta vulnerabilidad es debido a una comprobación insuficiente de entrada . Un atacante podría explotar esta vulnerabilidad al cargar un archivo de paquete de actualización diseñado a un dispositivo afectado. Una explotación con éxito podría permitir al atacante inyectar comandos que podrían ser ejecutados con privilegios root en el sistema operativo subyacente
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2020-11-13 CVE Reserved
- 2021-04-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13 < 9.13.1.21 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13 < 9.13.1.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.14 < 9.14.2.13 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.14 < 9.14.2.13" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1010 Search vendor "Cisco" for product "Firepower 1010" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1120 Search vendor "Cisco" for product "Firepower 1120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1140 Search vendor "Cisco" for product "Firepower 1140" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 1150 Search vendor "Cisco" for product "Firepower 1150" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15 < 9.15.1.10 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15 < 9.15.1.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|