CVE-2022-20828

Exploit

EPSS 82.8%
Published 24.06.2022 16:15:08
Last modified 21.11.2024 06:43:38
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.

Affected products Warnungen 0 Metrics 4 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Asa Firepower Version < 6.2.3.19

   Cisco ≫ Firepower 1010 Version-
   Cisco ≫ Firepower 1120 Version-
   Cisco ≫ Firepower 1140 Version-
   Cisco ≫ Firepower 1150 Version-
   Cisco ≫ Firepower 2110 Version-
   Cisco ≫ Firepower 2120 Version-
   Cisco ≫ Firepower 2130 Version-
   Cisco ≫ Firepower 2140 Version-
   Cisco ≫ Firepower 4110 Version-
   Cisco ≫ Firepower 4112 Version-
   Cisco ≫ Firepower 4115 Version-
   Cisco ≫ Firepower 4120 Version-
   Cisco ≫ Firepower 4125 Version-
   Cisco ≫ Firepower 4140 Version-
   Cisco ≫ Firepower 4145 Version-
   Cisco ≫ Firepower 4150 Version-
   Cisco ≫ Firepower 9300 Version-
   Cisco ≫ Firepower Management Center Version-
   Cisco ≫ Firepower Management Center Virtual Appliance Version-

Cisco ≫ Asa Firepower Version >= 6.3.0 < 6.4.0.15

Cisco ≫ Asa Firepower Version >= 6.5.0 < 6.6.7

Cisco ≫ Asa Firepower Version >= 6.7.0 < 7.0.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	82.8%	0.992

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C
psirt@cisco.com	6.5	1.2	5.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-236 Improper Handling of Undefined Parameters

The product does not handle or incorrectly handles when a particular parameter, field, or argument name is not defined or supported by the product.

https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/

Third Party Advisory

Exploit

http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html

Third Party Advisory

Exploit

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-20828

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-20828

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-20828

EUVD