Command Injection Vulnerability in Cisco Firepower Threat Defense (FTD) Software

Command Injection Vulnerability in Cisco Firepower Threat Defense (FTD) Software

CVE-2019-1709 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.

Learn more about our Cis Benchmark Audit For Cisco.