CVE-2023-20063 - Vulnerability Details

Vendors	Products
Cisco	Firepower Threat Defense Secure Firewall Management Center

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L

Type	Values Removed	Values Added
First Time appeared		Cisco secure Firewall Management Center
CPEs	cpe:2.3:a:cisco:firepower_management_center::::::::	cpe:2.3:a:cisco:secure_firewall_management_center::::::::
Vendors & Products	Cisco firepower Management Center	Cisco secure Firewall Management Center

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'No', 'Exploitation': 'None', 'Technical Impact': 'Total'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Description	A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.	A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.
Title		Cisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection Vulnerability

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20063", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2022-10-27T18:47:50.321Z", "datePublished": "2023-11-01T17:11:46.268Z", "dateUpdated": "2024-10-23T19:40:26.769Z"}, "containers": {"cna": {"title": "Cisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L", "name": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L"}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L", "discovery": "INTERNAL", "defects": ["CSCwb42031"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Control of Generation of Code ('Code Injection')", "type": "cwe", "cweId": "CWE-94"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Management Center", "versions": [{"version": "6.2.3.12", "status": "affected"}, {"version": "6.2.3.1", "status": "affected"}, {"version": "6.2.3.10", "status": "affected"}, {"version": "6.2.3.8", "status": "affected"}, {"version": "6.4.0.6", "status": "affected"}, {"version": "6.2.3", "status": "affected"}, {"version": "6.4.0.7", "status": "affected"}, {"version": "6.2.3.13", "status": "affected"}, {"version": "6.2.3.5", "status": "affected"}, {"version": "6.4.0.4", "status": "affected"}, {"version": "6.2.3.9", "status": "affected"}, {"version": "6.2.3.14", "status": "affected"}, {"version": "6.4.0.1", "status": "affected"}, {"version": "6.2.3.6", "status": "affected"}, {"version": "6.2.3.11", "status": "affected"}, {"version": "6.4.0.8", "status": "affected"}, {"version": "6.2.3.2", "status": "affected"}, {"version": "6.4.0.2", "status": "affected"}, {"version": "6.2.3.3", "status": "affected"}, {"version": "6.4.0.3", "status": "affected"}, {"version": "6.2.3.7", "status": "affected"}, {"version": "6.2.3.4", "status": "affected"}, {"version": "6.4.0.5", "status": "affected"}, {"version": "6.4.0", "status": "affected"}, {"version": "6.2.3.15", "status": "affected"}, {"version": "6.6.0", "status": "affected"}, {"version": "6.4.0.9", "status": "affected"}, {"version": "6.2.3.16", "status": "affected"}, {"version": "6.6.0.1", "status": "affected"}, {"version": "6.6.1", "status": "affected"}, {"version": "6.4.0.10", "status": "affected"}, {"version": "6.7.0", "status": "affected"}, {"version": "6.4.0.11", "status": "affected"}, {"version": "6.6.3", "status": "affected"}, {"version": "6.7.0.1", "status": "affected"}, {"version": "6.6.4", "status": "affected"}, {"version": "6.4.0.12", "status": "affected"}, {"version": "6.7.0.2", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "6.2.3.17", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "6.6.5", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "6.6.5.1", "status": "affected"}, {"version": "6.4.0.13", "status": "affected"}, {"version": "6.7.0.3", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "6.2.3.18", "status": "affected"}, {"version": "6.4.0.14", "status": "affected"}, {"version": "6.6.5.2", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "6.4.0.15", "status": "affected"}, {"version": "7.2.0", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "6.6.7", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}, {"version": "7.2.0.1", "status": "affected"}, {"version": "7.0.4", "status": "affected"}, {"version": "7.2.1", "status": "affected"}, {"version": "7.0.5", "status": "affected"}, {"version": "6.4.0.16", "status": "affected"}, {"version": "7.3.0", "status": "affected"}, {"version": "7.2.2", "status": "affected"}, {"version": "6.6.7.1", "status": "affected"}, {"version": "7.3.1", "status": "affected"}, {"version": "7.2.3", "status": "affected"}, {"version": "7.1.0.3", "status": "affected"}, {"version": "7.2.3.1", "status": "affected"}, {"version": "7.2.4", "status": "affected"}, {"version": "7.0.6", "status": "affected"}, {"version": "7.2.4.1", "status": "affected"}, {"version": "7.2.5", "status": "affected"}, {"version": "7.3.1.1", "status": "affected"}, {"version": "7.4.0", "status": "affected"}, {"version": "6.4.0.17", "status": "affected"}, {"version": "7.0.6.1", "status": "affected"}, {"version": "7.2.5.1", "status": "affected"}, {"version": "7.4.1", "status": "affected"}, {"version": "7.2.6", "status": "affected"}, {"version": "7.4.1.1", "status": "affected"}, {"version": "7.0.6.2", "status": "affected"}, {"version": "6.4.0.18", "status": "affected"}, {"version": "6.6.7.2", "status": "affected"}, {"version": "7.2.7", "status": "affected"}, {"version": "7.2.5.2", "status": "affected"}, {"version": "7.3.1.2", "status": "affected"}, {"version": "7.2.8", "status": "affected"}, {"version": "7.2.8.1", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"version": "6.2.3.14", "status": "affected"}, {"version": "6.4.0.1", "status": "affected"}, {"version": "6.2.3.7", "status": "affected"}, {"version": "6.2.3", "status": "affected"}, {"version": "6.4.0.2", "status": "affected"}, {"version": "6.2.3.9", "status": "affected"}, {"version": "6.2.3.1", "status": "affected"}, {"version": "6.2.3.2", "status": "affected"}, {"version": "6.4.0.5", "status": "affected"}, {"version": "6.2.3.10", "status": "affected"}, {"version": "6.4.0", "status": "affected"}, {"version": "6.4.0.3", "status": "affected"}, {"version": "6.2.3.6", "status": "affected"}, {"version": "6.4.0.4", "status": "affected"}, {"version": "6.2.3.15", "status": "affected"}, {"version": "6.2.3.5", "status": "affected"}, {"version": "6.2.3.4", "status": "affected"}, {"version": "6.2.3.3", "status": "affected"}, {"version": "6.2.3.8", "status": "affected"}, {"version": "6.4.0.6", "status": "affected"}, {"version": "6.2.3.11", "status": "affected"}, {"version": "6.2.3.12", "status": "affected"}, {"version": "6.2.3.13", "status": "affected"}, {"version": "6.4.0.7", "status": "affected"}, {"version": "6.4.0.8", "status": "affected"}, {"version": "6.6.0", "status": "affected"}, {"version": "6.4.0.9", "status": "affected"}, {"version": "6.2.3.16", "status": "affected"}, {"version": "6.6.0.1", "status": "affected"}, {"version": "6.6.1", "status": "affected"}, {"version": "6.4.0.10", "status": "affected"}, {"version": "6.7.0", "status": "affected"}, {"version": "6.4.0.11", "status": "affected"}, {"version": "6.6.3", "status": "affected"}, {"version": "6.7.0.1", "status": "affected"}, {"version": "6.6.4", "status": "affected"}, {"version": "6.4.0.12", "status": "affected"}, {"version": "6.7.0.2", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "6.2.3.17", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "6.6.5", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "6.4.0.13", "status": "affected"}, {"version": "6.6.5.1", "status": "affected"}, {"version": "6.2.3.18", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "6.7.0.3", "status": "affected"}, {"version": "6.4.0.14", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "6.6.5.2", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "6.4.0.15", "status": "affected"}, {"version": "7.2.0", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "6.6.7", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}, {"version": "7.2.0.1", "status": "affected"}, {"version": "7.0.4", "status": "affected"}, {"version": "7.2.1", "status": "affected"}, {"version": "7.0.5", "status": "affected"}, {"version": "6.4.0.16", "status": "affected"}, {"version": "7.3.0", "status": "affected"}, {"version": "7.2.2", "status": "affected"}, {"version": "7.2.3", "status": "affected"}, {"version": "6.6.7.1", "status": "affected"}, {"version": "7.3.1", "status": "affected"}, {"version": "7.1.0.3", "status": "affected"}, {"version": "7.2.4", "status": "affected"}, {"version": "7.0.6", "status": "affected"}, {"version": "7.2.5", "status": "affected"}, {"version": "7.2.4.1", "status": "affected"}, {"version": "7.3.1.1", "status": "affected"}, {"version": "7.4.0", "status": "affected"}, {"version": "6.4.0.17", "status": "affected"}, {"version": "7.0.6.1", "status": "affected"}, {"version": "7.2.5.1", "status": "affected"}, {"version": "7.4.1", "status": "affected"}, {"version": "7.2.6", "status": "affected"}, {"version": "7.0.6.2", "status": "affected"}, {"version": "7.4.1.1", "status": "affected"}, {"version": "6.6.7.2", "status": "affected"}, {"version": "6.4.0.18", "status": "affected"}, {"version": "7.2.7", "status": "affected"}, {"version": "7.2.5.2", "status": "affected"}, {"version": "7.3.1.2", "status": "affected"}, {"version": "7.2.8", "status": "affected"}, {"version": "7.2.8.1", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-10-23T17:06:37.547Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:57:35.628Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L", "name": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2023-11-15T16:39:52.764967Z", "id": "CVE-2023-20063", "options": [{"Exploitation": "None"}, {"Automatable": "No"}, {"Technical Impact": "Total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-23T19:40:26.769Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-20063 (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

state : PUBLISHED (string)

assignerShortName : cisco (string)

dateReserved : 2022-10-27T18:47:50.321Z (string)

datePublished : 2023-11-01T17:11:46.268Z (string)

dateUpdated : 2024-10-23T19:40:26.769Z (string)

}

containers : { »

cna : { »

title : Cisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection Vulnerability (string)

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H (string)

baseScore : 8.2 (number)

baseSeverity : HIGH (string)

attackVector : LOCAL (string)

attackComplexity : LOW (string)

privilegesRequired : HIGH (string)

userInteraction : NONE (string)

scope : CHANGED (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

availabilityImpact : HIGH (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device. (string)

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

name : cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

source : { »

advisory : cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

discovery : INTERNAL (string)

defects : [ »

0 : CSCwb42031 (string)

]

}

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

description : Improper Control of Generation of Code ('Code Injection') (string)

type : cwe (string)

cweId : CWE-94 (string)

}

]

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco Firepower Management Center (string)

versions : [ »

0 : { »

version : 6.2.3.12 (string)

status : affected (string)

}

1 : { »

version : 6.2.3.1 (string)

status : affected (string)

}

2 : { »

version : 6.2.3.10 (string)

status : affected (string)

}

3 : { »

version : 6.2.3.8 (string)

status : affected (string)

}

4 : { »

version : 6.4.0.6 (string)

status : affected (string)

}

5 : { »

version : 6.2.3 (string)

status : affected (string)

}

6 : { »

version : 6.4.0.7 (string)

status : affected (string)

}

7 : { »

version : 6.2.3.13 (string)

status : affected (string)

}

8 : { »

version : 6.2.3.5 (string)

status : affected (string)

}

9 : { »

version : 6.4.0.4 (string)

status : affected (string)

}

10 : { »

version : 6.2.3.9 (string)

status : affected (string)

}

11 : { »

version : 6.2.3.14 (string)

status : affected (string)

}

12 : { »

version : 6.4.0.1 (string)

status : affected (string)

}

13 : { »

version : 6.2.3.6 (string)

status : affected (string)

}

14 : { »

version : 6.2.3.11 (string)

status : affected (string)

}

15 : { »

version : 6.4.0.8 (string)

status : affected (string)

}

16 : { »

version : 6.2.3.2 (string)

status : affected (string)

}

17 : { »

version : 6.4.0.2 (string)

status : affected (string)

}

18 : { »

version : 6.2.3.3 (string)

status : affected (string)

}

19 : { »

version : 6.4.0.3 (string)

status : affected (string)

}

20 : { »

version : 6.2.3.7 (string)

status : affected (string)

}

21 : { »

version : 6.2.3.4 (string)

status : affected (string)

}

22 : { »

version : 6.4.0.5 (string)

status : affected (string)

}

23 : { »

version : 6.4.0 (string)

status : affected (string)

}

24 : { »

version : 6.2.3.15 (string)

status : affected (string)

}

25 : { »

version : 6.6.0 (string)

status : affected (string)

}

26 : { »

version : 6.4.0.9 (string)

status : affected (string)

}

27 : { »

version : 6.2.3.16 (string)

status : affected (string)

}

28 : { »

version : 6.6.0.1 (string)

status : affected (string)

}

29 : { »

version : 6.6.1 (string)

status : affected (string)

}

30 : { »

version : 6.4.0.10 (string)

status : affected (string)

}

31 : { »

version : 6.7.0 (string)

status : affected (string)

}

32 : { »

version : 6.4.0.11 (string)

status : affected (string)

}

33 : { »

version : 6.6.3 (string)

status : affected (string)

}

34 : { »

version : 6.7.0.1 (string)

status : affected (string)

}

35 : { »

version : 6.6.4 (string)

status : affected (string)

}

36 : { »

version : 6.4.0.12 (string)

status : affected (string)

}

37 : { »

version : 6.7.0.2 (string)

status : affected (string)

}

38 : { »

version : 7.0.0 (string)

status : affected (string)

}

39 : { »

version : 6.2.3.17 (string)

status : affected (string)

}

40 : { »

version : 7.0.0.1 (string)

status : affected (string)

}

41 : { »

version : 6.6.5 (string)

status : affected (string)

}

42 : { »

version : 7.0.1 (string)

status : affected (string)

}

43 : { »

version : 7.1.0 (string)

status : affected (string)

}

44 : { »

version : 6.6.5.1 (string)

status : affected (string)

}

45 : { »

version : 6.4.0.13 (string)

status : affected (string)

}

46 : { »

version : 6.7.0.3 (string)

status : affected (string)

}

47 : { »

version : 7.0.1.1 (string)

status : affected (string)

}

48 : { »

version : 6.2.3.18 (string)

status : affected (string)

}

49 : { »

version : 6.4.0.14 (string)

status : affected (string)

}

50 : { »

version : 6.6.5.2 (string)

status : affected (string)

}

51 : { »

version : 7.1.0.1 (string)

status : affected (string)

}

52 : { »

version : 7.0.2 (string)

status : affected (string)

}

53 : { »

version : 6.4.0.15 (string)

status : affected (string)

}

54 : { »

version : 7.2.0 (string)

status : affected (string)

}

55 : { »

version : 7.0.2.1 (string)

status : affected (string)

}

56 : { »

version : 7.0.3 (string)

status : affected (string)

}

57 : { »

version : 6.6.7 (string)

status : affected (string)

}

58 : { »

version : 7.1.0.2 (string)

status : affected (string)

}

59 : { »

version : 7.2.0.1 (string)

status : affected (string)

}

60 : { »

version : 7.0.4 (string)

status : affected (string)

}

61 : { »

version : 7.2.1 (string)

status : affected (string)

}

62 : { »

version : 7.0.5 (string)

status : affected (string)

}

63 : { »

version : 6.4.0.16 (string)

status : affected (string)

}

64 : { »

version : 7.3.0 (string)

status : affected (string)

}

65 : { »

version : 7.2.2 (string)

status : affected (string)

}

66 : { »

version : 6.6.7.1 (string)

status : affected (string)

}

67 : { »

version : 7.3.1 (string)

status : affected (string)

}

68 : { »

version : 7.2.3 (string)

status : affected (string)

}

69 : { »

version : 7.1.0.3 (string)

status : affected (string)

}

70 : { »

version : 7.2.3.1 (string)

status : affected (string)

}

71 : { »

version : 7.2.4 (string)

status : affected (string)

}

72 : { »

version : 7.0.6 (string)

status : affected (string)

}

73 : { »

version : 7.2.4.1 (string)

status : affected (string)

}

74 : { »

version : 7.2.5 (string)

status : affected (string)

}

75 : { »

version : 7.3.1.1 (string)

status : affected (string)

}

76 : { »

version : 7.4.0 (string)

status : affected (string)

}

77 : { »

version : 6.4.0.17 (string)

status : affected (string)

}

78 : { »

version : 7.0.6.1 (string)

status : affected (string)

}

79 : { »

version : 7.2.5.1 (string)

status : affected (string)

}

80 : { »

version : 7.4.1 (string)

status : affected (string)

}

81 : { »

version : 7.2.6 (string)

status : affected (string)

}

82 : { »

version : 7.4.1.1 (string)

status : affected (string)

}

83 : { »

version : 7.0.6.2 (string)

status : affected (string)

}

84 : { »

version : 6.4.0.18 (string)

status : affected (string)

}

85 : { »

version : 6.6.7.2 (string)

status : affected (string)

}

86 : { »

version : 7.2.7 (string)

status : affected (string)

}

87 : { »

version : 7.2.5.2 (string)

status : affected (string)

}

88 : { »

version : 7.3.1.2 (string)

status : affected (string)

}

89 : { »

version : 7.2.8 (string)

status : affected (string)

}

90 : { »

version : 7.2.8.1 (string)

status : affected (string)

}

]

defaultStatus : unknown (string)

}

1 : { »

vendor : Cisco (string)

product : Cisco Firepower Threat Defense Software (string)

versions : [ »

0 : { »

version : 6.2.3.14 (string)

status : affected (string)

}

1 : { »

version : 6.4.0.1 (string)

status : affected (string)

}

2 : { »

version : 6.2.3.7 (string)

status : affected (string)

}

3 : { »

version : 6.2.3 (string)

status : affected (string)

}

4 : { »

version : 6.4.0.2 (string)

status : affected (string)

}

5 : { »

version : 6.2.3.9 (string)

status : affected (string)

}

6 : { »

version : 6.2.3.1 (string)

status : affected (string)

}

7 : { »

version : 6.2.3.2 (string)

status : affected (string)

}

8 : { »

version : 6.4.0.5 (string)

status : affected (string)

}

9 : { »

version : 6.2.3.10 (string)

status : affected (string)

}

10 : { »

version : 6.4.0 (string)

status : affected (string)

}

11 : { »

version : 6.4.0.3 (string)

status : affected (string)

}

12 : { »

version : 6.2.3.6 (string)

status : affected (string)

}

13 : { »

version : 6.4.0.4 (string)

status : affected (string)

}

14 : { »

version : 6.2.3.15 (string)

status : affected (string)

}

15 : { »

version : 6.2.3.5 (string)

status : affected (string)

}

16 : { »

version : 6.2.3.4 (string)

status : affected (string)

}

17 : { »

version : 6.2.3.3 (string)

status : affected (string)

}

18 : { »

version : 6.2.3.8 (string)

status : affected (string)

}

19 : { »

version : 6.4.0.6 (string)

status : affected (string)

}

20 : { »

version : 6.2.3.11 (string)

status : affected (string)

}

21 : { »

version : 6.2.3.12 (string)

status : affected (string)

}

22 : { »

version : 6.2.3.13 (string)

status : affected (string)

}

23 : { »

version : 6.4.0.7 (string)

status : affected (string)

}

24 : { »

version : 6.4.0.8 (string)

status : affected (string)

}

25 : { »

version : 6.6.0 (string)

status : affected (string)

}

26 : { »

version : 6.4.0.9 (string)

status : affected (string)

}

27 : { »

version : 6.2.3.16 (string)

status : affected (string)

}

28 : { »

version : 6.6.0.1 (string)

status : affected (string)

}

29 : { »

version : 6.6.1 (string)

status : affected (string)

}

30 : { »

version : 6.4.0.10 (string)

status : affected (string)

}

31 : { »

version : 6.7.0 (string)

status : affected (string)

}

32 : { »

version : 6.4.0.11 (string)

status : affected (string)

}

33 : { »

version : 6.6.3 (string)

status : affected (string)

}

34 : { »

version : 6.7.0.1 (string)

status : affected (string)

}

35 : { »

version : 6.6.4 (string)

status : affected (string)

}

36 : { »

version : 6.4.0.12 (string)

status : affected (string)

}

37 : { »

version : 6.7.0.2 (string)

status : affected (string)

}

38 : { »

version : 7.0.0 (string)

status : affected (string)

}

39 : { »

version : 6.2.3.17 (string)

status : affected (string)

}

40 : { »

version : 7.0.0.1 (string)

status : affected (string)

}

41 : { »

version : 6.6.5 (string)

status : affected (string)

}

42 : { »

version : 7.0.1 (string)

status : affected (string)

}

43 : { »

version : 7.1.0 (string)

status : affected (string)

}

44 : { »

version : 6.4.0.13 (string)

status : affected (string)

}

45 : { »

version : 6.6.5.1 (string)

status : affected (string)

}

46 : { »

version : 6.2.3.18 (string)

status : affected (string)

}

47 : { »

version : 7.0.1.1 (string)

status : affected (string)

}

48 : { »

version : 6.7.0.3 (string)

status : affected (string)

}

49 : { »

version : 6.4.0.14 (string)

status : affected (string)

}

50 : { »

version : 7.1.0.1 (string)

status : affected (string)

}

51 : { »

version : 6.6.5.2 (string)

status : affected (string)

}

52 : { »

version : 7.0.2 (string)

status : affected (string)

}

53 : { »

version : 6.4.0.15 (string)

status : affected (string)

}

54 : { »

version : 7.2.0 (string)

status : affected (string)

}

55 : { »

version : 7.0.2.1 (string)

status : affected (string)

}

56 : { »

version : 7.0.3 (string)

status : affected (string)

}

57 : { »

version : 6.6.7 (string)

status : affected (string)

}

58 : { »

version : 7.1.0.2 (string)

status : affected (string)

}

59 : { »

version : 7.2.0.1 (string)

status : affected (string)

}

60 : { »

version : 7.0.4 (string)

status : affected (string)

}

61 : { »

version : 7.2.1 (string)

status : affected (string)

}

62 : { »

version : 7.0.5 (string)

status : affected (string)

}

63 : { »

version : 6.4.0.16 (string)

status : affected (string)

}

64 : { »

version : 7.3.0 (string)

status : affected (string)

}

65 : { »

version : 7.2.2 (string)

status : affected (string)

}

66 : { »

version : 7.2.3 (string)

status : affected (string)

}

67 : { »

version : 6.6.7.1 (string)

status : affected (string)

}

68 : { »

version : 7.3.1 (string)

status : affected (string)

}

69 : { »

version : 7.1.0.3 (string)

status : affected (string)

}

70 : { »

version : 7.2.4 (string)

status : affected (string)

}

71 : { »

version : 7.0.6 (string)

status : affected (string)

}

72 : { »

version : 7.2.5 (string)

status : affected (string)

}

73 : { »

version : 7.2.4.1 (string)

status : affected (string)

}

74 : { »

version : 7.3.1.1 (string)

status : affected (string)

}

75 : { »

version : 7.4.0 (string)

status : affected (string)

}

76 : { »

version : 6.4.0.17 (string)

status : affected (string)

}

77 : { »

version : 7.0.6.1 (string)

status : affected (string)

}

78 : { »

version : 7.2.5.1 (string)

status : affected (string)

}

79 : { »

version : 7.4.1 (string)

status : affected (string)

}

80 : { »

version : 7.2.6 (string)

status : affected (string)

}

81 : { »

version : 7.0.6.2 (string)

status : affected (string)

}

82 : { »

version : 7.4.1.1 (string)

status : affected (string)

}

83 : { »

version : 6.6.7.2 (string)

status : affected (string)

}

84 : { »

version : 6.4.0.18 (string)

status : affected (string)

}

85 : { »

version : 7.2.7 (string)

status : affected (string)

}

86 : { »

version : 7.2.5.2 (string)

status : affected (string)

}

87 : { »

version : 7.3.1.2 (string)

status : affected (string)

}

88 : { »

version : 7.2.8 (string)

status : affected (string)

}

89 : { »

version : 7.2.8.1 (string)

status : affected (string)

}

]

defaultStatus : unknown (string)

}

]

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-10-23T17:06:37.547Z (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T08:57:35.628Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

name : cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2023-11-15T16:39:52.764967Z (string)

id : CVE-2023-20063 (string)

options : [ »

0 : { »

Exploitation : None (string)

}

1 : { »

Automatable : No (string)

}

2 : { »

Technical Impact : Total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-23T19:40:26.769Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L", "name": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:57:35.628Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-20063", "role": "CISA Coordinator", "options": [{"Exploitation": "None"}, {"Automatable": "No"}, {"Technical Impact": "Total"}], "version": "2.0.3", "timestamp": "2023-11-15T16:39:52.764967Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-23T19:05:52.402Z"}}], "cna": {"title": "Cisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection Vulnerability", "source": {"defects": ["CSCwb42031"], "advisory": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Management Center", "versions": [{"status": "affected", "version": "6.2.3.12"}, {"status": "affected", "version": "6.2.3.1"}, {"status": "affected", "version": "6.2.3.10"}, {"status": "affected", "version": "6.2.3.8"}, {"status": "affected", "version": "6.4.0.6"}, {"status": "affected", "version": "6.2.3"}, {"status": "affected", "version": "6.4.0.7"}, {"status": "affected", "version": "6.2.3.13"}, {"status": "affected", "version": "6.2.3.5"}, {"status": "affected", "version": "6.4.0.4"}, {"status": "affected", "version": "6.2.3.9"}, {"status": "affected", "version": "6.2.3.14"}, {"status": "affected", "version": "6.4.0.1"}, {"status": "affected", "version": "6.2.3.6"}, {"status": "affected", "version": "6.2.3.11"}, {"status": "affected", "version": "6.4.0.8"}, {"status": "affected", "version": "6.2.3.2"}, {"status": "affected", "version": "6.4.0.2"}, {"status": "affected", "version": "6.2.3.3"}, {"status": "affected", "version": "6.4.0.3"}, {"status": "affected", "version": "6.2.3.7"}, {"status": "affected", "version": "6.2.3.4"}, {"status": "affected", "version": "6.4.0.5"}, {"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.2.3.15"}, {"status": "affected", "version": "6.6.0"}, {"status": "affected", "version": "6.4.0.9"}, {"status": "affected", "version": "6.2.3.16"}, {"status": "affected", "version": "6.6.0.1"}, {"status": "affected", "version": "6.6.1"}, {"status": "affected", "version": "6.4.0.10"}, {"status": "affected", "version": "6.7.0"}, {"status": "affected", "version": "6.4.0.11"}, {"status": "affected", "version": "6.6.3"}, {"status": "affected", "version": "6.7.0.1"}, {"status": "affected", "version": "6.6.4"}, {"status": "affected", "version": "6.4.0.12"}, {"status": "affected", "version": "6.7.0.2"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "6.2.3.17"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "6.6.5"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "6.6.5.1"}, {"status": "affected", "version": "6.4.0.13"}, {"status": "affected", "version": "6.7.0.3"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "6.2.3.18"}, {"status": "affected", "version": "6.4.0.14"}, {"status": "affected", "version": "6.6.5.2"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "6.4.0.15"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "6.6.7"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "6.4.0.16"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "6.6.7.1"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.3.1"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.0.6"}, {"status": "affected", "version": "7.2.4.1"}, {"status": "affected", "version": "7.2.5"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.4.0"}, {"status": "affected", "version": "6.4.0.17"}, {"status": "affected", "version": "7.0.6.1"}, {"status": "affected", "version": "7.2.5.1"}, {"status": "affected", "version": "7.4.1"}, {"status": "affected", "version": "7.2.6"}, {"status": "affected", "version": "7.4.1.1"}, {"status": "affected", "version": "7.0.6.2"}, {"status": "affected", "version": "6.4.0.18"}, {"status": "affected", "version": "6.6.7.2"}, {"status": "affected", "version": "7.2.7"}, {"status": "affected", "version": "7.2.5.2"}, {"status": "affected", "version": "7.3.1.2"}, {"status": "affected", "version": "7.2.8"}, {"status": "affected", "version": "7.2.8.1"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"status": "affected", "version": "6.2.3.14"}, {"status": "affected", "version": "6.4.0.1"}, {"status": "affected", "version": "6.2.3.7"}, {"status": "affected", "version": "6.2.3"}, {"status": "affected", "version": "6.4.0.2"}, {"status": "affected", "version": "6.2.3.9"}, {"status": "affected", "version": "6.2.3.1"}, {"status": "affected", "version": "6.2.3.2"}, {"status": "affected", "version": "6.4.0.5"}, {"status": "affected", "version": "6.2.3.10"}, {"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.4.0.3"}, {"status": "affected", "version": "6.2.3.6"}, {"status": "affected", "version": "6.4.0.4"}, {"status": "affected", "version": "6.2.3.15"}, {"status": "affected", "version": "6.2.3.5"}, {"status": "affected", "version": "6.2.3.4"}, {"status": "affected", "version": "6.2.3.3"}, {"status": "affected", "version": "6.2.3.8"}, {"status": "affected", "version": "6.4.0.6"}, {"status": "affected", "version": "6.2.3.11"}, {"status": "affected", "version": "6.2.3.12"}, {"status": "affected", "version": "6.2.3.13"}, {"status": "affected", "version": "6.4.0.7"}, {"status": "affected", "version": "6.4.0.8"}, {"status": "affected", "version": "6.6.0"}, {"status": "affected", "version": "6.4.0.9"}, {"status": "affected", "version": "6.2.3.16"}, {"status": "affected", "version": "6.6.0.1"}, {"status": "affected", "version": "6.6.1"}, {"status": "affected", "version": "6.4.0.10"}, {"status": "affected", "version": "6.7.0"}, {"status": "affected", "version": "6.4.0.11"}, {"status": "affected", "version": "6.6.3"}, {"status": "affected", "version": "6.7.0.1"}, {"status": "affected", "version": "6.6.4"}, {"status": "affected", "version": "6.4.0.12"}, {"status": "affected", "version": "6.7.0.2"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "6.2.3.17"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "6.6.5"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "6.4.0.13"}, {"status": "affected", "version": "6.6.5.1"}, {"status": "affected", "version": "6.2.3.18"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "6.7.0.3"}, {"status": "affected", "version": "6.4.0.14"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "6.6.5.2"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "6.4.0.15"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "6.6.7"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "6.4.0.16"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "6.6.7.1"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.0.6"}, {"status": "affected", "version": "7.2.5"}, {"status": "affected", "version": "7.2.4.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.4.0"}, {"status": "affected", "version": "6.4.0.17"}, {"status": "affected", "version": "7.0.6.1"}, {"status": "affected", "version": "7.2.5.1"}, {"status": "affected", "version": "7.4.1"}, {"status": "affected", "version": "7.2.6"}, {"status": "affected", "version": "7.0.6.2"}, {"status": "affected", "version": "7.4.1.1"}, {"status": "affected", "version": "6.6.7.2"}, {"status": "affected", "version": "6.4.0.18"}, {"status": "affected", "version": "7.2.7"}, {"status": "affected", "version": "7.2.5.2"}, {"status": "affected", "version": "7.3.1.2"}, {"status": "affected", "version": "7.2.8"}, {"status": "affected", "version": "7.2.8.1"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L", "name": "cisco-sa-ftd-fmc-code-inj-wSHrgz8L"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-94", "description": "Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-10-23T17:06:37.547Z"}}}, "cveMetadata": {"cveId": "CVE-2023-20063", "state": "PUBLISHED", "dateUpdated": "2024-10-23T19:40:26.769Z", "dateReserved": "2022-10-27T18:47:50.321Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2023-11-01T17:11:46.268Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

name : cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T08:57:35.628Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-20063 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : None (string)

}

1 : { »

Automatable : No (string)

}

2 : { »

Technical Impact : Total (string)

}

]

version : 2.0.3 (string)

timestamp : 2023-11-15T16:39:52.764967Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-23T19:05:52.402Z (string)

}

]

cna : { »

title : Cisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection Vulnerability (string)

source : { »

defects : [ »

0 : CSCwb42031 (string)

]

advisory : cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

discovery : INTERNAL (string)

}

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

scope : CHANGED (string)

version : 3.1 (string)

baseScore : 8.2 (number)

attackVector : LOCAL (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : HIGH (string)

confidentialityImpact : HIGH (string)

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco Firepower Management Center (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.2.3.12 (string)

}

1 : { »

status : affected (string)

version : 6.2.3.1 (string)

}

2 : { »

status : affected (string)

version : 6.2.3.10 (string)

}

3 : { »

status : affected (string)

version : 6.2.3.8 (string)

}

4 : { »

status : affected (string)

version : 6.4.0.6 (string)

}

5 : { »

status : affected (string)

version : 6.2.3 (string)

}

6 : { »

status : affected (string)

version : 6.4.0.7 (string)

}

7 : { »

status : affected (string)

version : 6.2.3.13 (string)

}

8 : { »

status : affected (string)

version : 6.2.3.5 (string)

}

9 : { »

status : affected (string)

version : 6.4.0.4 (string)

}

10 : { »

status : affected (string)

version : 6.2.3.9 (string)

}

11 : { »

status : affected (string)

version : 6.2.3.14 (string)

}

12 : { »

status : affected (string)

version : 6.4.0.1 (string)

}

13 : { »

status : affected (string)

version : 6.2.3.6 (string)

}

14 : { »

status : affected (string)

version : 6.2.3.11 (string)

}

15 : { »

status : affected (string)

version : 6.4.0.8 (string)

}

16 : { »

status : affected (string)

version : 6.2.3.2 (string)

}

17 : { »

status : affected (string)

version : 6.4.0.2 (string)

}

18 : { »

status : affected (string)

version : 6.2.3.3 (string)

}

19 : { »

status : affected (string)

version : 6.4.0.3 (string)

}

20 : { »

status : affected (string)

version : 6.2.3.7 (string)

}

21 : { »

status : affected (string)

version : 6.2.3.4 (string)

}

22 : { »

status : affected (string)

version : 6.4.0.5 (string)

}

23 : { »

status : affected (string)

version : 6.4.0 (string)

}

24 : { »

status : affected (string)

version : 6.2.3.15 (string)

}

25 : { »

status : affected (string)

version : 6.6.0 (string)

}

26 : { »

status : affected (string)

version : 6.4.0.9 (string)

}

27 : { »

status : affected (string)

version : 6.2.3.16 (string)

}

28 : { »

status : affected (string)

version : 6.6.0.1 (string)

}

29 : { »

status : affected (string)

version : 6.6.1 (string)

}

30 : { »

status : affected (string)

version : 6.4.0.10 (string)

}

31 : { »

status : affected (string)

version : 6.7.0 (string)

}

32 : { »

status : affected (string)

version : 6.4.0.11 (string)

}

33 : { »

status : affected (string)

version : 6.6.3 (string)

}

34 : { »

status : affected (string)

version : 6.7.0.1 (string)

}

35 : { »

status : affected (string)

version : 6.6.4 (string)

}

36 : { »

status : affected (string)

version : 6.4.0.12 (string)

}

37 : { »

status : affected (string)

version : 6.7.0.2 (string)

}

38 : { »

status : affected (string)

version : 7.0.0 (string)

}

39 : { »

status : affected (string)

version : 6.2.3.17 (string)

}

40 : { »

status : affected (string)

version : 7.0.0.1 (string)

}

41 : { »

status : affected (string)

version : 6.6.5 (string)

}

42 : { »

status : affected (string)

version : 7.0.1 (string)

}

43 : { »

status : affected (string)

version : 7.1.0 (string)

}

44 : { »

status : affected (string)

version : 6.6.5.1 (string)

}

45 : { »

status : affected (string)

version : 6.4.0.13 (string)

}

46 : { »

status : affected (string)

version : 6.7.0.3 (string)

}

47 : { »

status : affected (string)

version : 7.0.1.1 (string)

}

48 : { »

status : affected (string)

version : 6.2.3.18 (string)

}

49 : { »

status : affected (string)

version : 6.4.0.14 (string)

}

50 : { »

status : affected (string)

version : 6.6.5.2 (string)

}

51 : { »

status : affected (string)

version : 7.1.0.1 (string)

}

52 : { »

status : affected (string)

version : 7.0.2 (string)

}

53 : { »

status : affected (string)

version : 6.4.0.15 (string)

}

54 : { »

status : affected (string)

version : 7.2.0 (string)

}

55 : { »

status : affected (string)

version : 7.0.2.1 (string)

}

56 : { »

status : affected (string)

version : 7.0.3 (string)

}

57 : { »

status : affected (string)

version : 6.6.7 (string)

}

58 : { »

status : affected (string)

version : 7.1.0.2 (string)

}

59 : { »

status : affected (string)

version : 7.2.0.1 (string)

}

60 : { »

status : affected (string)

version : 7.0.4 (string)

}

61 : { »

status : affected (string)

version : 7.2.1 (string)

}

62 : { »

status : affected (string)

version : 7.0.5 (string)

}

63 : { »

status : affected (string)

version : 6.4.0.16 (string)

}

64 : { »

status : affected (string)

version : 7.3.0 (string)

}

65 : { »

status : affected (string)

version : 7.2.2 (string)

}

66 : { »

status : affected (string)

version : 6.6.7.1 (string)

}

67 : { »

status : affected (string)

version : 7.3.1 (string)

}

68 : { »

status : affected (string)

version : 7.2.3 (string)

}

69 : { »

status : affected (string)

version : 7.1.0.3 (string)

}

70 : { »

status : affected (string)

version : 7.2.3.1 (string)

}

71 : { »

status : affected (string)

version : 7.2.4 (string)

}

72 : { »

status : affected (string)

version : 7.0.6 (string)

}

73 : { »

status : affected (string)

version : 7.2.4.1 (string)

}

74 : { »

status : affected (string)

version : 7.2.5 (string)

}

75 : { »

status : affected (string)

version : 7.3.1.1 (string)

}

76 : { »

status : affected (string)

version : 7.4.0 (string)

}

77 : { »

status : affected (string)

version : 6.4.0.17 (string)

}

78 : { »

status : affected (string)

version : 7.0.6.1 (string)

}

79 : { »

status : affected (string)

version : 7.2.5.1 (string)

}

80 : { »

status : affected (string)

version : 7.4.1 (string)

}

81 : { »

status : affected (string)

version : 7.2.6 (string)

}

82 : { »

status : affected (string)

version : 7.4.1.1 (string)

}

83 : { »

status : affected (string)

version : 7.0.6.2 (string)

}

84 : { »

status : affected (string)

version : 6.4.0.18 (string)

}

85 : { »

status : affected (string)

version : 6.6.7.2 (string)

}

86 : { »

status : affected (string)

version : 7.2.7 (string)

}

87 : { »

status : affected (string)

version : 7.2.5.2 (string)

}

88 : { »

status : affected (string)

version : 7.3.1.2 (string)

}

89 : { »

status : affected (string)

version : 7.2.8 (string)

}

90 : { »

status : affected (string)

version : 7.2.8.1 (string)

}

]

defaultStatus : unknown (string)

}

1 : { »

vendor : Cisco (string)

product : Cisco Firepower Threat Defense Software (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.2.3.14 (string)

}

1 : { »

status : affected (string)

version : 6.4.0.1 (string)

}

2 : { »

status : affected (string)

version : 6.2.3.7 (string)

}

3 : { »

status : affected (string)

version : 6.2.3 (string)

}

4 : { »

status : affected (string)

version : 6.4.0.2 (string)

}

5 : { »

status : affected (string)

version : 6.2.3.9 (string)

}

6 : { »

status : affected (string)

version : 6.2.3.1 (string)

}

7 : { »

status : affected (string)

version : 6.2.3.2 (string)

}

8 : { »

status : affected (string)

version : 6.4.0.5 (string)

}

9 : { »

status : affected (string)

version : 6.2.3.10 (string)

}

10 : { »

status : affected (string)

version : 6.4.0 (string)

}

11 : { »

status : affected (string)

version : 6.4.0.3 (string)

}

12 : { »

status : affected (string)

version : 6.2.3.6 (string)

}

13 : { »

status : affected (string)

version : 6.4.0.4 (string)

}

14 : { »

status : affected (string)

version : 6.2.3.15 (string)

}

15 : { »

status : affected (string)

version : 6.2.3.5 (string)

}

16 : { »

status : affected (string)

version : 6.2.3.4 (string)

}

17 : { »

status : affected (string)

version : 6.2.3.3 (string)

}

18 : { »

status : affected (string)

version : 6.2.3.8 (string)

}

19 : { »

status : affected (string)

version : 6.4.0.6 (string)

}

20 : { »

status : affected (string)

version : 6.2.3.11 (string)

}

21 : { »

status : affected (string)

version : 6.2.3.12 (string)

}

22 : { »

status : affected (string)

version : 6.2.3.13 (string)

}

23 : { »

status : affected (string)

version : 6.4.0.7 (string)

}

24 : { »

status : affected (string)

version : 6.4.0.8 (string)

}

25 : { »

status : affected (string)

version : 6.6.0 (string)

}

26 : { »

status : affected (string)

version : 6.4.0.9 (string)

}

27 : { »

status : affected (string)

version : 6.2.3.16 (string)

}

28 : { »

status : affected (string)

version : 6.6.0.1 (string)

}

29 : { »

status : affected (string)

version : 6.6.1 (string)

}

30 : { »

status : affected (string)

version : 6.4.0.10 (string)

}

31 : { »

status : affected (string)

version : 6.7.0 (string)

}

32 : { »

status : affected (string)

version : 6.4.0.11 (string)

}

33 : { »

status : affected (string)

version : 6.6.3 (string)

}

34 : { »

status : affected (string)

version : 6.7.0.1 (string)

}

35 : { »

status : affected (string)

version : 6.6.4 (string)

}

36 : { »

status : affected (string)

version : 6.4.0.12 (string)

}

37 : { »

status : affected (string)

version : 6.7.0.2 (string)

}

38 : { »

status : affected (string)

version : 7.0.0 (string)

}

39 : { »

status : affected (string)

version : 6.2.3.17 (string)

}

40 : { »

status : affected (string)

version : 7.0.0.1 (string)

}

41 : { »

status : affected (string)

version : 6.6.5 (string)

}

42 : { »

status : affected (string)

version : 7.0.1 (string)

}

43 : { »

status : affected (string)

version : 7.1.0 (string)

}

44 : { »

status : affected (string)

version : 6.4.0.13 (string)

}

45 : { »

status : affected (string)

version : 6.6.5.1 (string)

}

46 : { »

status : affected (string)

version : 6.2.3.18 (string)

}

47 : { »

status : affected (string)

version : 7.0.1.1 (string)

}

48 : { »

status : affected (string)

version : 6.7.0.3 (string)

}

49 : { »

status : affected (string)

version : 6.4.0.14 (string)

}

50 : { »

status : affected (string)

version : 7.1.0.1 (string)

}

51 : { »

status : affected (string)

version : 6.6.5.2 (string)

}

52 : { »

status : affected (string)

version : 7.0.2 (string)

}

53 : { »

status : affected (string)

version : 6.4.0.15 (string)

}

54 : { »

status : affected (string)

version : 7.2.0 (string)

}

55 : { »

status : affected (string)

version : 7.0.2.1 (string)

}

56 : { »

status : affected (string)

version : 7.0.3 (string)

}

57 : { »

status : affected (string)

version : 6.6.7 (string)

}

58 : { »

status : affected (string)

version : 7.1.0.2 (string)

}

59 : { »

status : affected (string)

version : 7.2.0.1 (string)

}

60 : { »

status : affected (string)

version : 7.0.4 (string)

}

61 : { »

status : affected (string)

version : 7.2.1 (string)

}

62 : { »

status : affected (string)

version : 7.0.5 (string)

}

63 : { »

status : affected (string)

version : 6.4.0.16 (string)

}

64 : { »

status : affected (string)

version : 7.3.0 (string)

}

65 : { »

status : affected (string)

version : 7.2.2 (string)

}

66 : { »

status : affected (string)

version : 7.2.3 (string)

}

67 : { »

status : affected (string)

version : 6.6.7.1 (string)

}

68 : { »

status : affected (string)

version : 7.3.1 (string)

}

69 : { »

status : affected (string)

version : 7.1.0.3 (string)

}

70 : { »

status : affected (string)

version : 7.2.4 (string)

}

71 : { »

status : affected (string)

version : 7.0.6 (string)

}

72 : { »

status : affected (string)

version : 7.2.5 (string)

}

73 : { »

status : affected (string)

version : 7.2.4.1 (string)

}

74 : { »

status : affected (string)

version : 7.3.1.1 (string)

}

75 : { »

status : affected (string)

version : 7.4.0 (string)

}

76 : { »

status : affected (string)

version : 6.4.0.17 (string)

}

77 : { »

status : affected (string)

version : 7.0.6.1 (string)

}

78 : { »

status : affected (string)

version : 7.2.5.1 (string)

}

79 : { »

status : affected (string)

version : 7.4.1 (string)

}

80 : { »

status : affected (string)

version : 7.2.6 (string)

}

81 : { »

status : affected (string)

version : 7.0.6.2 (string)

}

82 : { »

status : affected (string)

version : 7.4.1.1 (string)

}

83 : { »

status : affected (string)

version : 6.6.7.2 (string)

}

84 : { »

status : affected (string)

version : 6.4.0.18 (string)

}

85 : { »

status : affected (string)

version : 7.2.7 (string)

}

86 : { »

status : affected (string)

version : 7.2.5.2 (string)

}

87 : { »

status : affected (string)

version : 7.3.1.2 (string)

}

88 : { »

status : affected (string)

version : 7.2.8 (string)

}

89 : { »

status : affected (string)

version : 7.2.8.1 (string)

}

]

defaultStatus : unknown (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

name : cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : cwe (string)

cweId : CWE-94 (string)

description : Improper Control of Generation of Code ('Code Injection') (string)

}

]

}

]

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-10-23T17:06:37.547Z (string)

}

cveMetadata : { »

cveId : CVE-2023-20063 (string)

state : PUBLISHED (string)

dateUpdated : 2024-10-23T19:40:26.769Z (string)

dateReserved : 2022-10-27T18:47:50.321Z (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

datePublished : 2023-11-01T17:11:46.268Z (string)

assignerShortName : cisco (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9", "versionEndIncluding": "6.2.3.18", "versionStartIncluding": "6.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "5156C270-7E41-4D2E-B051-F35563EA4402", "versionEndIncluding": "6.4.0.17", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCDEBE63-3174-4BBC-82DE-E8E25C818E30", "versionEndIncluding": "6.6.7.1", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E", "versionEndIncluding": "6.7.0.3", "versionStartIncluding": "6.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F51D1A7-A702-4071-85D8-7C77CEB23955", "versionEndIncluding": "7.0.5", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5F30710-F91A-4A7B-AB06-EE49525E6F04", "versionEndIncluding": "7.1.0.3", "versionStartIncluding": "7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "90854884-399A-465B-ACB7-E493B8D39041", "versionEndIncluding": "7.2.3", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B2802CF-8A7F-4FC6-A406-F1F26C932F3C", "versionEndIncluding": "6.2.3.18", "versionStartIncluding": "6.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6A2C229-3396-4411-9D39-49F53F6532CF", "versionEndIncluding": "6.4.0.16", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4500BF5-6E53-474F-A266-DFEA18880600", "versionEndIncluding": "6.6.7.1", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1D1E01B-8280-4011-8264-9D002C524CA1", "versionEndIncluding": "7.0.5", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "75555C00-0F74-4A39-9F26-D38824D2323D", "versionEndIncluding": "7.1.0.3", "versionStartIncluding": "7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "BFDB4F91-CD9E-409C-816E-B634C058FA7E", "versionEndIncluding": "7.3.1.1", "versionStartIncluding": "7.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device."}, {"lang": "es", "value": "Una vulnerabilidad en los mecanismos de comunicaci\u00f3n entre dispositivos entre los dispositivos que ejecutan el software Cisco Firepower Threat Defense (FTD) y los dispositivos que ejecutan el software Cisco Firepower Management (FMC) podr\u00eda permitir que un atacante local autenticado ejecute comandos arbitrarios con permisos de root en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad accediendo al modo experto de un dispositivo afectado y enviando comandos espec\u00edficos a un sistema conectado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el contexto de un dispositivo FMC si el atacante tiene privilegios administrativos en un dispositivo FTD asociado. Alternativamente, un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el contexto de un dispositivo FTD si el atacante tiene privilegios administrativos en un dispositivo FMC asociado."}], "id": "CVE-2023-20063", "lastModified": "2024-11-26T16:09:02.407", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 6.0, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-01T18:15:08.967", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D58D7217-F6F5-4B58-B59C-E5C8781C87A9 (string)

versionEndIncluding : 6.2.3.18 (string)

versionStartIncluding : 6.2.3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5156C270-7E41-4D2E-B051-F35563EA4402 (string)

versionEndIncluding : 6.4.0.17 (string)

versionStartIncluding : 6.4.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BCDEBE63-3174-4BBC-82DE-E8E25C818E30 (string)

versionEndIncluding : 6.6.7.1 (string)

versionStartIncluding : 6.6.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1110632C-526F-4025-A7BE-0CF9F37E5F9E (string)

versionEndIncluding : 6.7.0.3 (string)

versionStartIncluding : 6.7.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3F51D1A7-A702-4071-85D8-7C77CEB23955 (string)

versionEndIncluding : 7.0.5 (string)

versionStartIncluding : 7.0.0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F5F30710-F91A-4A7B-AB06-EE49525E6F04 (string)

versionEndIncluding : 7.1.0.3 (string)

versionStartIncluding : 7.1.0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 90854884-399A-465B-ACB7-E493B8D39041 (string)

versionEndIncluding : 7.2.3 (string)

versionStartIncluding : 7.2.0 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2B2802CF-8A7F-4FC6-A406-F1F26C932F3C (string)

versionEndIncluding : 6.2.3.18 (string)

versionStartIncluding : 6.2.3 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A6A2C229-3396-4411-9D39-49F53F6532CF (string)

versionEndIncluding : 6.4.0.16 (string)

versionStartIncluding : 6.4.0 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B4500BF5-6E53-474F-A266-DFEA18880600 (string)

versionEndIncluding : 6.6.7.1 (string)

versionStartIncluding : 6.6.0 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B1D1E01B-8280-4011-8264-9D002C524CA1 (string)

versionEndIncluding : 7.0.5 (string)

versionStartIncluding : 7.0.0 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 75555C00-0F74-4A39-9F26-D38824D2323D (string)

versionEndIncluding : 7.1.0.3 (string)

versionStartIncluding : 7.1.0 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BFDB4F91-CD9E-409C-816E-B634C058FA7E (string)

versionEndIncluding : 7.3.1.1 (string)

versionStartIncluding : 7.3.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad en los mecanismos de comunicación entre dispositivos entre los dispositivos que ejecutan el software Cisco Firepower Threat Defense (FTD) y los dispositivos que ejecutan el software Cisco Firepower Management (FMC) podría permitir que un atacante local autenticado ejecute comandos arbitrarios con permisos de root en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario. Un atacante podría aprovechar esta vulnerabilidad accediendo al modo experto de un dispositivo afectado y enviando comandos específicos a un sistema conectado. Un exploit exitoso podría permitir al atacante ejecutar código arbitrario en el contexto de un dispositivo FMC si el atacante tiene privilegios administrativos en un dispositivo FTD asociado. Alternativamente, un exploit exitoso podría permitir al atacante ejecutar código arbitrario en el contexto de un dispositivo FTD si el atacante tiene privilegios administrativos en un dispositivo FMC asociado. (string)

}

]

id : CVE-2023-20063 (string)

lastModified : 2024-11-26T16:09:02.407 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 8.2 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.5 (number)

impactScore : 6 (number)

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 8.2 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.5 (number)

impactScore : 6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2023-11-01T18:15:08.967 (string)

references : [ »

0 : { »

source : ykramarz@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L (string)

}

]

sourceIdentifier : ykramarz@cisco.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-94 (string)

}

]

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-20 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation None

Automatable No

Technical Impact Total

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation None

Automatable No

Technical Impact Total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object