#VU13409 Path traversal in Cisco Firepower 9300 Security Appliance and Cisco Firepower 4100 Series Next-Generation Firewall - CVE-2018-0300

 

Published: June 20, 2018 / Updated: June 21, 2018


Vulnerability identifier: #VU13409
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-0300
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Cisco Firepower 9300 Security Appliance
Cisco Firepower 4100 Series Next-Generation Firewall
Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The vulnerability exists in the process of uploading new application images to the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance: insufficient validation during the application image upload process permits path traversal. A remote attacker can create an application image containing malicious code, install the image on the affected device using the CLI or web-based user interface (web UI), conduct a path traversal attack, create or overwrite arbitrary files and execute arbitrary code with elevated privileges.


Remediation

The vulnerability is fixed in versions 2.2(1.101), 2.1(1.1764), 2.1(1.47), 2.0(1.140) and 1.1(4.168).
