A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Cisco secure Firewall Management Center
|
|
CPEs | cpe:2.3:a:cisco:firepower_management_center:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center:6.2.1:*:*:*:*:*:*:* |
cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* cpe:2.3:a:cisco:secure_firewall_management_center:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:secure_firewall_management_center:6.2.1:*:*:*:*:*:*:* |
Vendors & Products |
Cisco firepower Management Center
|
Cisco secure Firewall Management Center
|
Wed, 13 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2020-10-21T18:35:20.388990Z
Updated: 2024-11-13T17:50:42.483Z
Reserved: 2019-12-12T00:00:00
Link: CVE-2020-3550
Vulnrichment
Updated: 2024-08-04T07:37:55.239Z
NVD
Status : Modified
Published: 2020-10-21T19:15:17.217
Modified: 2024-11-26T16:09:02.407
Link: CVE-2020-3550
Redhat
No data.