Vulnerability CVE-2022-20729

Vulnerability Name:

CVE-2022-20729 (CCN-225280)

Assigned:

2021-11-02

Published:

2022-04-27

Updated:

2022-05-12

Summary:

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

4.4 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)
3.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

3.2 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-91

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2022-20729

Source: XF
Type: UNKNOWN
cisco-ftd-cve202220729-cmd-exec(225280)

Source: CCN
Type: Cisco Security Advisory cisco-sa-ftd-xmlinj-8GWjGzKe
Cisco Firepower Threat Defense Software XML Injection Vulnerability

Source: CISCO
Type: Vendor Advisory
20220427 Cisco Firepower Threat Defense Software XML Injection Vulnerability

Vulnerable Configuration:

Configuration 1:

cpe:/a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (Version >= 6.7.0 and < 7.0.2)

OR cpe:/a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (Version >= 6.5.0 and < 6.6.5.2)

OR cpe:/a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (Version < 6.4.0.15)

Denotes that component is vulnerable

BACK