Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) Arbitrary Audit Log Entry Addition Vulnerability

Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) Arbitrary Audit Log Entry Addition Vulnerability

CVE-2017-3822 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0.

Learn more about our Cis Benchmark Audit For Cisco.