Vulnerability Description
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Asa Firepower | < 6.2.3.19 |
| Cisco | Firepower 1010 | - |
| Cisco | Firepower 1120 | - |
| Cisco | Firepower 1140 | - |
| Cisco | Firepower 1150 | - |
| Cisco | Firepower 2110 | - |
| Cisco | Firepower 2120 | - |
| Cisco | Firepower 2130 | - |
| Cisco | Firepower 2140 | - |
| Cisco | Firepower 4110 | - |
| Cisco | Firepower 4112 | - |
| Cisco | Firepower 4115 | - |
| Cisco | Firepower 4120 | - |
| Cisco | Firepower 4125 | - |
| Cisco | Firepower 4140 | - |
| Cisco | Firepower 4145 | - |
| Cisco | Firepower 4150 | - |
| Cisco | Firepower 9300 | - |
| Cisco | Firepower Management Center | - |
| Cisco | Firepower Management Center Virtual Appliance | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-ExploitThird Party Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aVendor Advisory
- https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-inExploitThird Party Advisory
- http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-ExploitThird Party Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aVendor Advisory
- https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-inExploitThird Party Advisory
FAQ
What is CVE-2022-20828?
CVE-2022-20828 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the ...
How severe is CVE-2022-20828?
CVE-2022-20828 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-20828?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Asa Firepower, Cisco Firepower 1010, Cisco Firepower 1120, Cisco Firepower 1140, Cisco Firepower 1150.