Details of VAR-201910-0328

ID

VAR-201910-0328

CVE

CVE-2019-12674

TITLE

Cisco Firepower Threat Defense Software encoding and escaping vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2019-010358

DESCRIPTION

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances. Cisco Firepower Threat Defense (FTD) The software contains encoding and escaping vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A security vulnerability exists in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software in Cisco Firepower 4100 Series Security Appliances and Firepower 9300 Series Security Appliances. The vulnerability stems from the fact that the program does not adequately protect the underlying file system

Trust: 1.71

sources: NVD: CVE-2019-12674 // JVNDB: JVNDB-2019-010358 // VULHUB: VHN-144444

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.2	Trust: 1.0
vendor:	cisco	model:	firepower 4145	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	firepower 4150	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	firepower 9300	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	firepower 4140	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	firepower 4125	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	firepower 4110	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	firepower 4120	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	firepower 4115	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 4110	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 4115	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 4120	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 4125	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 4140	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 4145	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 4150	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 9300	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.0	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	5.3.0	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	5.4.0	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1.3	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1.2	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.0.1	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1.1	Trust: 0.6
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	-	Trust: 0.6

sources: JVNDB: JVNDB-2019-010358 // CNNVD: CNNVD-201910-088 // NVD: CVE-2019-12674

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-12674
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-12674
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-12674
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201910-088
value:	HIGH
Trust: 0.6
VULHUB:	VHN-144444
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-12674
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-144444
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-12674
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.5
impactScore:	6.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-12674
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.5
impactScore:	6.0
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-144444 // JVNDB: JVNDB-2019-010358 // CNNVD: CNNVD-201910-088 // NVD: CVE-2019-12674 // NVD: CVE-2019-12674

PROBLEMTYPE DATA

problemtype:	CWE-116	Trust: 1.9
problemtype:	CWE-216	Trust: 1.0

sources: VULHUB: VHN-144444 // JVNDB: JVNDB-2019-010358 // NVD: CVE-2019-12674

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201910-088

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201910-088

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010358

PATCH

title:	cisco-sa-20191002-ftd-container-esc	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc	Trust: 0.8
title:	Cisco Firepower 4100 Series Security Appliances and Firepower 9300 Series Security Appliances Cisco Firepower Threat Defense Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98824	Trust: 0.6

sources: JVNDB: JVNDB-2019-010358 // CNNVD: CNNVD-201910-088

EXTERNAL IDS

db:	NVD	id:	CVE-2019-12674	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-010358	Trust: 0.8
db:	CNNVD	id:	CNNVD-201910-088	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.3708	Trust: 0.6
db:	VULHUB	id:	VHN-144444	Trust: 0.1

sources: VULHUB: VHN-144444 // JVNDB: JVNDB-2019-010358 // CNNVD: CNNVD-201910-088 // NVD: CVE-2019-12674

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-ftd-container-esc	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12674	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12674	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-ftd-cmdinj	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3708/	Trust: 0.6

sources: VULHUB: VHN-144444 // JVNDB: JVNDB-2019-010358 // CNNVD: CNNVD-201910-088 // NVD: CVE-2019-12674

SOURCES

db:	VULHUB	id:	VHN-144444
db:	JVNDB	id:	JVNDB-2019-010358
db:	CNNVD	id:	CNNVD-201910-088
db:	NVD	id:	CVE-2019-12674

LAST UPDATE DATE

2024-08-14T13:55:07.990000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-144444	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-010358	date:	2019-10-11T00:00:00
db:	CNNVD	id:	CNNVD-201910-088	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2019-12674	date:	2019-10-09T23:46:02.793

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-144444	date:	2019-10-02T00:00:00
db:	JVNDB	id:	JVNDB-2019-010358	date:	2019-10-11T00:00:00
db:	CNNVD	id:	CNNVD-201910-088	date:	2019-10-02T00:00:00
db:	NVD	id:	CVE-2019-12674	date:	2019-10-02T19:15:12.123