ID |
CVE-2021-34761
|
Sažetak |
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges. |
Reference |
|
CVSS |
Base: | 6.6 |
Impact: | 9.2 |
Exploitability: | 3.9 |
|
Pristup |
Vektor | Složenost | Autentikacija |
LOCAL |
LOW |
NONE |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
NONE |
COMPLETE |
COMPLETE |
|
CVSS vektor |
AV:L/AC:L/Au:N/C:N/I:C/A:C |
Zadnje važnije ažuriranje |
07-11-2023 - 03:36 |
Objavljeno |
27-10-2021 - 19:15 |