Cisco firepower 11404/13/2023 From a technical standpoint, the vulnerability is caused by insufficient user input validation for some REST API commands,” Abramov said. “To exploit this vulnerability, all attackers need to do is to obtain credentials of a user with low privileges and send a specially crafted HTTP request. The issue has a CVSS score of 6.3, as it requires for the attacker to have valid user credentials to the affected device. Successful exploitation would result in the attacker being able to execute arbitrary code on the underlying operating system. To exploit the vulnerability, an attacker needs to send a special HTTP request to the API subsystem of a vulnerable device. The flaw exists because user input on specific commands isn’t sufficiently sanitized. ![]() Tracked as CVE-2021-1518 and rated medium severity, the remote code execution (RCE) vulnerability was discovered by Positive Technologies security researchers Nikita Abramov and Mikhail Klyuchnikov in the REST API of FDM On-Box. Cisco has addressed a vulnerability in the Firepower Device Manager (FDM) On-Box software that could be exploited to gain code execution on vulnerable devices.įDM On-Box is used to configure Cisco Firepower firewalls, providing administrators with both management and diagnostics capabilities.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |