6.7
CVE-2026-20099
- EPSS 0.06%
- Veröffentlicht 25.02.2026 16:25:38
- Zuletzt bearbeitet 27.02.2026 14:06:59
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerCisco
≫
Produkt
Cisco Firepower Extensible Operating System (FXOS)
Default Statusunknown
Version
2.3.1.99
Status
affected
Version
2.3.1.56
Status
affected
Version
2.3.1.110
Status
affected
Version
2.3.1.58
Status
affected
Version
2.6.1.174
Status
affected
Version
2.6.1.157
Status
affected
Version
2.3.1.91
Status
affected
Version
2.3.1.73
Status
affected
Version
2.3.1.66
Status
affected
Version
2.6.1.166
Status
affected
Version
2.3.1.111
Status
affected
Version
2.3.1.166
Status
affected
Version
2.3.1.144
Status
affected
Version
2.6.1.131
Status
affected
Version
2.3.1.130
Status
affected
Version
2.3.1.88
Status
affected
Version
2.6.1.169
Status
affected
Version
2.3.1.75
Status
affected
Version
2.3.1.93
Status
affected
Version
2.3.1.145
Status
affected
Version
2.3.1.155
Status
affected
Version
2.6.1.187
Status
affected
Version
2.3.1.173
Status
affected
Version
2.3.1.179
Status
affected
Version
2.6.1.192
Status
affected
Version
2.3.1.180
Status
affected
Version
2.6.1.204
Status
affected
Version
2.6.1.214
Status
affected
Version
2.3.1.190
Status
affected
Version
2.6.1.224
Status
affected
Version
2.6.1.229
Status
affected
Version
2.3.1.215
Status
affected
Version
2.10.1.159
Status
affected
Version
2.3.1.216
Status
affected
Version
2.6.1.230
Status
affected
Version
2.10.1.166
Status
affected
Version
2.6.1.238
Status
affected
Version
2.6.1.239
Status
affected
Version
2.11.1.154
Status
affected
Version
2.10.1.179
Status
affected
Version
2.3.1.219
Status
affected
Version
2.6.1.254
Status
affected
Version
2.12.0.31
Status
affected
Version
2.12.0.432
Status
affected
Version
2.10.1.207
Status
affected
Version
2.3.1.230
Status
affected
Version
2.6.1.259
Status
affected
Version
2.11.1.182
Status
affected
Version
2.12.0.450
Status
affected
Version
2.10.1.234
Status
affected
Version
2.13.0.198
Status
affected
Version
2.12.0.467
Status
affected
Version
2.13.0.212
Status
affected
Version
2.6.1.264
Status
affected
Version
2.10.1.245
Status
affected
Version
2.11.1.200
Status
affected
Version
2.12.0.498
Status
affected
Version
2.10.1.271
Status
affected
Version
2.12.1.29
Status
affected
Version
2.13.0.243
Status
affected
Version
2.11.1.205
Status
affected
Version
2.6.1.265
Status
affected
Version
2.12.1.48
Status
affected
Version
2.14.1.131
Status
affected
Version
2.13.0.276
Status
affected
Version
2.11.1.228
Status
affected
Version
2.12.1.72
Status
affected
Version
2.10.1.312
Status
affected
Version
2.6.1.272
Status
affected
Version
2.14.1.143
Status
affected
Version
2.14.1.163
Status
affected
Version
2.14.1.167
Status
affected
Version
2.12.1.84
Status
affected
Version
2.16.0.128
Status
affected
Version
2.10.1.328
Status
affected
Version
2.10.1.341
Status
affected
Version
2.11.1.236
Status
affected
Version
2.12.1.95
Status
affected
Version
2.13.0.357
Status
affected
Version
2.16.0.136
Status
affected
Version
2.14.1.186
Status
affected
Version
2.17.0.518
Status
affected
Version
2.14.1.187
Status
affected
HerstellerCisco
≫
Produkt
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
Default Statusunknown
Version
9.12.2
Status
affected
Version
9.12.1
Status
affected
Version
9.12.3
Status
affected
Version
9.12.4
Status
affected
Version
9.12.3.2
Status
affected
Version
9.12.3.12
Status
affected
Version
9.12.2.5
Status
affected
Version
9.12.1.2
Status
affected
Version
9.12.2.1
Status
affected
Version
9.12.3.7
Status
affected
Version
9.12.2.9
Status
affected
Version
9.12.3.9
Status
affected
Version
9.12.1.3
Status
affected
Version
9.12.4.2
Status
affected
Version
9.12.4.4
Status
affected
Version
9.12.4.7
Status
affected
Version
9.12.4.8
Status
affected
Version
9.12.4.10
Status
affected
Version
9.12.4.13
Status
affected
Version
9.12.4.18
Status
affected
Version
9.12.4.24
Status
affected
Version
9.16.1
Status
affected
Version
9.12.4.26
Status
affected
Version
9.16.1.28
Status
affected
Version
9.12.4.29
Status
affected
Version
9.16.2
Status
affected
Version
9.12.4.30
Status
affected
Version
9.16.2.3
Status
affected
Version
9.12.4.35
Status
affected
Version
9.16.2.7
Status
affected
Version
9.12.4.37
Status
affected
Version
9.17.1
Status
affected
Version
9.16.2.11
Status
affected
Version
9.16.2.13
Status
affected
Version
9.12.4.39
Status
affected
Version
9.12.4.38
Status
affected
Version
9.16.2.14
Status
affected
Version
9.17.1.7
Status
affected
Version
9.12.4.40
Status
affected
Version
9.16.3.3
Status
affected
Version
9.16.3
Status
affected
Version
9.17.1.9
Status
affected
Version
9.16.3.14
Status
affected
Version
9.12.4.41
Status
affected
Version
9.17.1.10
Status
affected
Version
9.18.1
Status
affected
Version
9.12.4.47
Status
affected
Version
9.16.3.15
Status
affected
Version
9.18.1.3
Status
affected
Version
9.17.1.11
Status
affected
Version
9.12.4.48
Status
affected
Version
9.18.2
Status
affected
Version
9.16.3.19
Status
affected
Version
9.17.1.13
Status
affected
Version
9.12.4.50
Status
affected
Version
9.17.1.15
Status
affected
Version
9.12.4.52
Status
affected
Version
9.16.3.23
Status
affected
Version
9.18.2.5
Status
affected
Version
9.16.4
Status
affected
Version
9.12.4.54
Status
affected
Version
9.17.1.20
Status
affected
Version
9.18.2.7
Status
affected
Version
9.19.1
Status
affected
Version
9.16.4.9
Status
affected
Version
9.12.4.55
Status
affected
Version
9.18.2.8
Status
affected
Version
9.16.4.14
Status
affected
Version
9.18.3
Status
affected
Version
9.19.1.5
Status
affected
Version
9.12.4.56
Status
affected
Version
9.17.1.30
Status
affected
Version
9.19.1.9
Status
affected
Version
9.18.3.39
Status
affected
Version
9.16.4.19
Status
affected
Version
9.12.4.58
Status
affected
Version
9.19.1.12
Status
affected
Version
9.18.3.46
Status
affected
Version
9.16.4.27
Status
affected
Version
9.19.1.18
Status
affected
Version
9.18.3.53
Status
affected
Version
9.18.3.55
Status
affected
Version
9.16.4.38
Status
affected
Version
9.17.1.33
Status
affected
Version
9.12.4.62
Status
affected
Version
9.16.4.39
Status
affected
Version
9.18.3.56
Status
affected
Version
9.16.4.42
Status
affected
Version
9.19.1.22
Status
affected
Version
9.18.4
Status
affected
Version
9.18.4.5
Status
affected
Version
9.19.1.24
Status
affected
Version
9.16.4.48
Status
affected
Version
9.18.4.8
Status
affected
Version
9.20.2
Status
affected
Version
9.19.1.27
Status
affected
Version
9.12.4.65
Status
affected
Version
9.16.4.55
Status
affected
Version
9.18.4.22
Status
affected
Version
9.20.2.10
Status
affected
Version
9.16.4.57
Status
affected
Version
9.19.1.28
Status
affected
Version
9.17.1.39
Status
affected
Version
9.12.4.67
Status
affected
Version
9.18.4.24
Status
affected
Version
9.20.2.21
Status
affected
Version
9.16.4.61
Status
affected
Version
9.19.1.31
Status
affected
Version
9.18.4.29
Status
affected
Version
9.20.2.22
Status
affected
Version
9.16.4.62
Status
affected
Version
9.18.4.34
Status
affected
Version
9.20.3
Status
affected
Version
9.16.4.67
Status
affected
Version
9.18.4.40
Status
affected
Version
9.16.4.71
Status
affected
Version
9.20.3.4
Status
affected
Version
9.18.4.47
Status
affected
Version
9.20.3.7
Status
affected
Version
9.17.1.45
Status
affected
Version
9.19.1.37
Status
affected
Version
9.16.4.76
Status
affected
Version
9.18.4.50
Status
affected
Version
9.20.3.10
Status
affected
Version
9.18.4.52
Status
affected
Version
9.20.3.13
Status
affected
Version
9.18.4.53
Status
affected
Version
9.16.4.82
Status
affected
Version
9.20.3.16
Status
affected
Version
9.19.1.42
Status
affected
Version
9.18.4.57
Status
affected
Version
9.16.4.84
Status
affected
Version
9.20.3.20
Status
affected
Version
9.20.4
Status
affected
Version
9.20.4.7
Status
affected
HerstellerCisco
≫
Produkt
Cisco Unified Computing System (Managed)
Default Statusunknown
Version
4.0(4h)
Status
affected
Version
4.1(1a)
Status
affected
Version
4.0(1c)
Status
affected
Version
4.0(4a)
Status
affected
Version
4.0(1a)
Status
affected
Version
4.0(1d)
Status
affected
Version
4.1(1c)
Status
affected
Version
4.0(2a)
Status
affected
Version
4.0(4g)
Status
affected
Version
4.0(2e)
Status
affected
Version
4.0(4c)
Status
affected
Version
4.0(4f)
Status
affected
Version
4.0(1b)
Status
affected
Version
4.0(2b)
Status
affected
Version
4.0(2d)
Status
affected
Version
4.1(1b)
Status
affected
Version
4.0(4d)
Status
affected
Version
4.0(4e)
Status
affected
Version
4.0(4b)
Status
affected
Version
4.1(2a)
Status
affected
Version
4.1(1d)
Status
affected
Version
4.0(4i)
Status
affected
Version
4.1(1e)
Status
affected
Version
4.1(2b)
Status
affected
Version
4.0(4k)
Status
affected
Version
4.1(3a)
Status
affected
Version
4.1(3b)
Status
affected
Version
4.1(2c)
Status
affected
Version
4.0(4l)
Status
affected
Version
4.1(4a)
Status
affected
Version
4.1(3c)
Status
affected
Version
4.1(3d)
Status
affected
Version
4.2(1c)
Status
affected
Version
4.2(1d)
Status
affected
Version
4.0(4m)
Status
affected
Version
4.1(3e)
Status
affected
Version
4.2(1f)
Status
affected
Version
4.1(3f)
Status
affected
Version
4.2(1i)
Status
affected
Version
4.1(3h)
Status
affected
Version
4.2(1k)
Status
affected
Version
4.2(1l)
Status
affected
Version
4.0(4n)
Status
affected
Version
4.2(1m)
Status
affected
Version
4.1(3i)
Status
affected
Version
4.2(2a)
Status
affected
Version
4.2(1n)
Status
affected
Version
4.1(3j)
Status
affected
Version
4.2(2c)
Status
affected
Version
4.2(2d)
Status
affected
Version
4.2(3b)
Status
affected
Version
4.1(3k)
Status
affected
Version
4.0(4o)
Status
affected
Version
4.2(2e)
Status
affected
Version
4.2(3d)
Status
affected
Version
4.2(3e)
Status
affected
Version
4.2(3g)
Status
affected
Version
4.1(3l)
Status
affected
Version
4.3(2b)
Status
affected
Version
4.2(3h)
Status
affected
Version
4.2(3i)
Status
affected
Version
4.3(2c)
Status
affected
Version
4.1(3m)
Status
affected
Version
4.3(2e)
Status
affected
Version
4.3(3a)
Status
affected
Version
4.2(3j)
Status
affected
Version
4.3(3c)
Status
affected
Version
4.3(4a)
Status
affected
Version
4.2(3k)
Status
affected
Version
4.3(4b)
Status
affected
Version
4.3(4c)
Status
affected
Version
4.2(3l)
Status
affected
Version
4.3(4d)
Status
affected
Version
4.3(2f)
Status
affected
Version
4.2(3m)
Status
affected
Version
4.3(5a)
Status
affected
Version
4.3(4e)
Status
affected
Version
4.1(3n)
Status
affected
Version
4.3(4f)
Status
affected
Version
4.2(3n)
Status
affected
Version
4.3(5c)
Status
affected
Version
4.2(3o)
Status
affected
Version
4.3(5d)
Status
affected
Version
4.3(6a)
Status
affected
Version
4.3(6b)
Status
affected
Version
4.3(5e)
Status
affected
Version
4.2(3p)
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.198 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@cisco.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.