CVE-2022-20729

Name of the Vulnerable Software and Affected Versions Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description The issue is related to insufficient input validation in the command-line interface, allowing an authenticated, local attacker to inject XML into the command parser. This could result in unexpected processing of the command and output. An attacker could exploit this by including crafted input in commands, potentially allowing the execution of arbitrary code using specially crafted XML data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.