PT-2020-4455 · Cisco · Cisco Ftd

Published

2020-10-21

Updated

2020-10-23

CVE-2020-3352

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description: The issue is related to the presence of undocumented configuration commands in the CLI of Cisco Firepower Threat Defense Software. An authenticated, local attacker could exploit this by performing specific steps to access hidden commands, potentially allowing them to make configuration changes to various sections of an affected device that should not be exposed to CLI access.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Hidden Functionality

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-912

Related Identifiers

BDU:2020-05003

CVE-2020-3352

Affected Products

Cisco Ftd

PT-2020-4455 · Cisco · Cisco Ftd

CVE-2020-3352

Weakness Enumeration

Related Identifiers

Affected Products

References · 4