Vulnerability-Lookup

CVE-2024-20412 (GCVE-0-2024-20412)

Vulnerability from cvelistv5 – Published: 2024-10-23 17:39 – Updated: 2024-10-26 03:55

Summary

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.

Severity ?

9.3 (Critical)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-259 - Use of Hard-coded Password

Assigner

cisco

References

URL

Tags

https://sec.cloudapps.cisco.com/security/center/c…

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Affected: 7.1.0 Affected: 7.1.0.1 Affected: 7.1.0.2 Affected: 7.1.0.3 Affected: 7.2.0 Affected: 7.2.0.1 Affected: 7.2.1 Affected: 7.2.2 Affected: 7.2.3 Affected: 7.2.4 Affected: 7.2.4.1 Affected: 7.2.5 Affected: 7.2.5.1 Affected: 7.2.6 Affected: 7.2.7 Affected: 7.2.5.2 Affected: 7.3.0 Affected: 7.3.1 Affected: 7.3.1.1 Affected: 7.3.1.2 Affected: 7.4.0 Affected: 7.4.1 Affected: 7.4.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "firepower_threat_defense_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.1.0.3",
                "status": "affected",
                "version": "7.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.7",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.3.1.2",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.4.1.1",
                "status": "affected",
                "version": "7.4.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20412",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-26T03:55:24.066Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.\r\n\r This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "Use of Hard-coded Password",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T17:39:04.071Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ftd-statcred-dFC8tXT5",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-statcred-dFC8tXT5",
        "defects": [
          "CSCwk07982"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20412",
    "datePublished": "2024-10-23T17:39:04.071Z",
    "dateReserved": "2023-11-08T15:08:07.663Z",
    "dateUpdated": "2024-10-26T03:55:24.066Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-20412\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-23T18:41:13.028528Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"firepower_threat_defense_software\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"7.1.0.3\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.3.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"7.3.1.2\"}, {\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"7.4.1.1\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-24T15:42:33.250Z\"}}], \"cna\": {\"source\": {\"defects\": [\"CSCwk07982\"], \"advisory\": \"cisco-sa-ftd-statcred-dFC8tXT5\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 9.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Firepower Threat Defense Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1.0\"}, {\"status\": \"affected\", \"version\": \"7.1.0.1\"}, {\"status\": \"affected\", \"version\": \"7.1.0.2\"}, {\"status\": \"affected\", \"version\": \"7.1.0.3\"}, {\"status\": \"affected\", \"version\": \"7.2.0\"}, {\"status\": \"affected\", \"version\": \"7.2.0.1\"}, {\"status\": \"affected\", \"version\": \"7.2.1\"}, {\"status\": \"affected\", \"version\": \"7.2.2\"}, {\"status\": \"affected\", \"version\": \"7.2.3\"}, {\"status\": \"affected\", \"version\": \"7.2.4\"}, {\"status\": \"affected\", \"version\": \"7.2.4.1\"}, {\"status\": \"affected\", \"version\": \"7.2.5\"}, {\"status\": \"affected\", \"version\": \"7.2.5.1\"}, {\"status\": \"affected\", \"version\": \"7.2.6\"}, {\"status\": \"affected\", \"version\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.2.5.2\"}, {\"status\": \"affected\", \"version\": \"7.3.0\"}, {\"status\": \"affected\", \"version\": \"7.3.1\"}, {\"status\": \"affected\", \"version\": \"7.3.1.1\"}, {\"status\": \"affected\", \"version\": \"7.3.1.2\"}, {\"status\": \"affected\", \"version\": \"7.4.0\"}, {\"status\": \"affected\", \"version\": \"7.4.1\"}, {\"status\": \"affected\", \"version\": \"7.4.1.1\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5\", \"name\": \"cisco-sa-ftd-statcred-dFC8tXT5\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.\\r\\n\\r This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-259\", \"description\": \"Use of Hard-coded Password\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-10-23T17:39:04.071Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-20412\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-26T03:55:24.066Z\", \"dateReserved\": \"2023-11-08T15:08:07.663Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2024-10-23T17:39:04.071Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2024-AVI-0919

Vulnerability from certfr_avis - Published: 2024-10-24 - Updated: 2024-10-24

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Cisco indique que la vulnérabilité CVE-2024-20481 est activement exploitée. L'éditeur a connaissance de preuves de concept publiques pour les vulnérabilités CVE-2024-20377, CVE-2024-20387 et CVE-2024-20388.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Cisco	N/A	Se référer au bulletin de sécurité de l'éditeur pour l'obtention des configurations vulnérables des équipements (cf. section Documentation).

References

Title

Publication Time

GSD-2024-20412

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-20412

Aliases

CVE-2024-20412

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2024-20412",
    "id": "GSD-2024-20412"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-20412"
      ],
      "id": "GSD-2024-20412",
      "modified": "2023-12-13T01:21:43.116437Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-20412",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

CNVD-2024-44488

Vulnerability from cnvd - Published: 2024-11-06

Title

Cisco Firepower Threat Defense信任管理问漏洞

Description

Cisco Firepower Threat Defense（FTD）是美国思科（Cisco）公司的一套提供下一代防火墙服务的统一软件。 Cisco Firepower Threat Defense存在信任管理问题漏洞，该漏洞源于受影响的系统上存在带有硬编码密码的静态帐户。攻击者可利用该漏洞使用静态凭据访问受影响的系统。

Severity

高

Patch Name

Cisco Firepower Threat Defense信任管理问漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5

Reference

https://nvd.nist.gov/vuln/detail/CVE-2024-20412

Impacted products

Name
Cisco Cisco Firepower Threat Defense

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-20412",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-20412"
    }
  },
  "description": "Cisco Firepower Threat Defense\uff08FTD\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u63d0\u4f9b\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u670d\u52a1\u7684\u7edf\u4e00\u8f6f\u4ef6\u3002\n\nCisco Firepower Threat Defense\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u5b58\u5728\u5e26\u6709\u786c\u7f16\u7801\u5bc6\u7801\u7684\u9759\u6001\u5e10\u6237\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u7528\u9759\u6001\u51ed\u636e\u8bbf\u95ee\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-44488",
  "openTime": "2024-11-06",
  "patchDescription": "Cisco Firepower Threat Defense\uff08FTD\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u63d0\u4f9b\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u670d\u52a1\u7684\u7edf\u4e00\u8f6f\u4ef6\u3002\r\n\r\nCisco Firepower Threat Defense\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u5b58\u5728\u5e26\u6709\u786c\u7f16\u7801\u5bc6\u7801\u7684\u9759\u6001\u5e10\u6237\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u7528\u9759\u6001\u51ed\u636e\u8bbf\u95ee\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Firepower Threat Defense\u4fe1\u4efb\u7ba1\u7406\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Cisco Firepower Threat Defense"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-20412",
  "serverity": "\u9ad8",
  "submitTime": "2024-10-31",
  "title": "Cisco Firepower Threat Defense\u4fe1\u4efb\u7ba1\u7406\u95ee\u6f0f\u6d1e"
}

CVE-2024-20412

Vulnerability from fstec - Published: 08.11.2023

Title

Уязвимость интерфейса командной строки микропрограммного обеспечения межсетевых экранов Cisco Firepower Threat Defense (FTD), позволяющая нарушителю получить несанкционированный доступ на чтение, изменение или удаление данных или вызвать отказ в обслуживании

Description

Уязвимость интерфейса командной строки микропрограммного обеспечения межсетевых экранов Cisco Firepower Threat Defense (FTD) связана с использованием жестко закодированных учетных данных. Эксплуатация уязвимости может позволить нарушителю получить несанкционированный доступ на чтение, изменение или удаление данных или вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vendor

Cisco Systems Inc.

Software Name

Firepower Threat Defense

Software Version

7.2.0 (Firepower Threat Defense), 7.2.0.1 (Firepower Threat Defense), 7.1.0.1 (Firepower Threat Defense), 7.1.0.2 (Firepower Threat Defense), 7.1.0.3 (Firepower Threat Defense), 7.2.1 (Firepower Threat Defense), 7.2.2 (Firepower Threat Defense), 7.2.3 (Firepower Threat Defense), 7.3.0 (Firepower Threat Defense), 7.3.1 (Firepower Threat Defense), 7.3.1.1 (Firepower Threat Defense), 7.2.4 (Firepower Threat Defense), 7.1.0 (Firepower Threat Defense), 7.2.4.1 (Firepower Threat Defense), 7.2.5 (Firepower Threat Defense), 7.2.5.1 (Firepower Threat Defense), 7.4.0 (Firepower Threat Defense), 7.4.1 (Firepower Threat Defense), 7.3.1.2 (Firepower Threat Defense), 7.2.5.2 (Firepower Threat Defense), 7.4.1.1 (Firepower Threat Defense), 7.2.6 (Firepower Threat Defense), 7.2.7 (Firepower Threat Defense)

Possible Mitigations

Использование рекомендаций: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5 https://xakep.ru/2024/10/25/cve-2024-20481/ https://vuldb.com/?id.281618

CWE

CWE-259

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.2.0 (Firepower Threat Defense), 7.2.0.1 (Firepower Threat Defense), 7.1.0.1 (Firepower Threat Defense), 7.1.0.2 (Firepower Threat Defense), 7.1.0.3 (Firepower Threat Defense), 7.2.1 (Firepower Threat Defense), 7.2.2 (Firepower Threat Defense), 7.2.3 (Firepower Threat Defense), 7.3.0 (Firepower Threat Defense), 7.3.1 (Firepower Threat Defense), 7.3.1.1 (Firepower Threat Defense), 7.2.4 (Firepower Threat Defense), 7.1.0 (Firepower Threat Defense), 7.2.4.1 (Firepower Threat Defense), 7.2.5 (Firepower Threat Defense), 7.2.5.1 (Firepower Threat Defense), 7.4.0 (Firepower Threat Defense), 7.4.1 (Firepower Threat Defense), 7.3.1.2 (Firepower Threat Defense), 7.2.5.2 (Firepower Threat Defense), 7.4.1.1 (Firepower Threat Defense), 7.2.6 (Firepower Threat Defense), 7.2.7 (Firepower Threat Defense)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "08.11.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.10.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.10.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-08575",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-20412",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Firepower Threat Defense",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. - - Cisco Firepower 2100 Series, Cisco Systems Inc. - - Cisco Firepower 1000 Series, Cisco Systems Inc. - - Cisco Secure Firewall 3100 Series, Cisco Systems Inc. - - Cisco Secure Firewall 4200 Series",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 Cisco Firepower Threat Defense (FTD), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0416\u0435\u0441\u0442\u043a\u043e\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 (CWE-259)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 Cisco Firepower Threat Defense (FTD) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5\nhttps://xakep.ru/2024/10/25/cve-2024-20481/\nhttps://vuldb.com/?id.281618",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-259",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,3)"
}

GHSA-P38M-32QC-F4CG

Vulnerability from github – Published: 2024-10-23 18:33 – Updated: 2024-10-23 18:33

Details

This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.

Severity ?

9.3 (Critical)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-20412"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-259",
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-23T18:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.\n\n This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.",
  "id": "GHSA-p38m-32qc-f4cg",
  "modified": "2024-10-23T18:33:09Z",
  "published": "2024-10-23T18:33:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20412"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-20412

Vulnerability from fkie_nvd - Published: 2024-10-23 18:15 - Updated: 2024-11-05 15:03

Severity ?

9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.1.0
cisco	firepower_threat_defense	7.1.0.1
cisco	firepower_threat_defense	7.1.0.2
cisco	firepower_threat_defense	7.1.0.3
cisco	firepower_threat_defense	7.2.0
cisco	firepower_threat_defense	7.2.0.1
cisco	firepower_threat_defense	7.2.1
cisco	firepower_threat_defense	7.2.2
cisco	firepower_threat_defense	7.2.3
cisco	firepower_threat_defense	7.2.4
cisco	firepower_threat_defense	7.2.4.1
cisco	firepower_threat_defense	7.2.5
cisco	firepower_threat_defense	7.2.5.1
cisco	firepower_threat_defense	7.2.5.2
cisco	firepower_threat_defense	7.2.6
cisco	firepower_threat_defense	7.2.7
cisco	firepower_threat_defense	7.3.0
cisco	firepower_threat_defense	7.3.1
cisco	firepower_threat_defense	7.3.1.1
cisco	firepower_threat_defense	7.3.1.2
cisco	firepower_threat_defense	7.4.0
cisco	firepower_threat_defense	7.4.1
cisco	firepower_threat_defense	7.4.1.1
cisco	firepower_1000	-
cisco	firepower_1010	-
cisco	firepower_1020	-
cisco	firepower_1030	-
cisco	firepower_1040	-
cisco	firepower_1120	-
cisco	firepower_1140	-
cisco	firepower_1150	-
cisco	firepower_2100	-
cisco	firepower_2110	-
cisco	firepower_2120	-
cisco	firepower_2130	-
cisco	firepower_2140	-
cisco	firepower_3105	-
cisco	firepower_3110	-
cisco	firepower_3120	-
cisco	firepower_3130	-
cisco	firepower_3140	-
cisco	firepower_4215	-
cisco	firepower_4225	-
cisco	firepower_4245	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F79864-CA70-4192-AC2C-E174DF3F25B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8B5AF8-6A57-482A-9442-E857EE7E207B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9929280-2AAC-4B56-A42C-1F6EDE83988E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F29B6BC3-D716-4A3D-9679-B7BE81F719C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23A26EF-5B43-437C-A962-4FC69D8A0FF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B65E122-8B8C-4681-9CAE-C375292A26CC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "012CCE97-B6FE-45B8-9599-D64EE0F80B2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6A73EAE-3C2E-4836-97EC-F644E219C0DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCF7A7F-9564-4A8D-84FA-7DA25B4BF4B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "542C19EA-0FFE-4ADC-93BB-EEB6B0A8CAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4215:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2634F9A1-8CF7-4824-817A-F617DB48CFFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4225:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F021E6A8-FA39-40BD-B570-D5C4F408521C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4245:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B303B6B7-B419-46F1-9291-E70AD1B863D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.\r\n\r This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el software Cisco Firepower Threat Defense (FTD) para Cisco Firepower 1000, 2100, 3100 y 4200 Series podr\u00eda permitir que un atacante local no autenticado acceda a un sistema afectado utilizando credenciales est\u00e1ticas. Esta vulnerabilidad se debe a la presencia de cuentas est\u00e1ticas con contrase\u00f1as codificadas en un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la CLI de un dispositivo afectado con estas credenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder al sistema afectado y recuperar informaci\u00f3n confidencial, realizar acciones limitadas de resoluci\u00f3n de problemas, modificar algunas opciones de configuraci\u00f3n o hacer que el dispositivo no pueda iniciarse en el sistema operativo, lo que requiere una nueva imagen del dispositivo."
    }
  ],
  "id": "CVE-2024-20412",
  "lastModified": "2024-11-05T15:03:34.777",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 9.3,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-23T18:15:09.430",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-259"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-20412 (GCVE-0-2024-20412)

CERTFR-2024-AVI-0919

Solutions

GSD-2024-20412

CNVD-2024-44488

CVE-2024-20412

GHSA-P38M-32QC-F4CG

FKIE_CVE-2024-20412

Tags

Sightings

Nomenclature