A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by uploading a malicious file to an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on as well as modify the underlying operating system of an affected device.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdmfo-HvPWKxDe | Vendor Advisory |
Configurations
Information
Published : 2020-05-06 10:15
Updated : 2020-05-12 10:24
NVD link : CVE-2020-3309
Mitre link : CVE-2020-3309
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
cisco
- firepower_device_manager_on-box