CVE-2017-3806 Vulnerability Details

  /     /     /  

CVE-2017-3806 Metadata Quick Info

CVE Published: 03/02/2017 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: cisco | Vendor: n/a | Product: Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance 2.0(1.68)
Status : PUBLISHED

---

CVE-2017-3806 Description

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101).

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: inject arbitrary shell commands
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).