CVE-2018-0453 (CNNVD-201810-176)

HIGH
中文标题:
Cisco Firepower System Software 权限许可和访问控制漏洞
英文标题:
Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability
CVSS分数: 8.2
发布时间: 2018-10-05 14:00:00
漏洞类型: 授权问题
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v3
漏洞描述
中文描述:

Cisco Adaptive Security Appliance(ASA)5500-X Series with FirePOWER Services等都是美国思科(Cisco)公司的安全设备。Firepower System Software是使用在其中的一套防火墙操作系统。 Cisco Firepower System Software(运行在Cisco Firepower Threat Defense (FTD)传感器上)中的Sourcefire tunnel control channel协议存在权限许可和访问控制漏洞,该漏洞源于受影响的软件对CLI命令没有执行充分的检测。本地攻击者可通过对Firepower传感器和Cisco FMC进行身份验证,然后向Cisco FMC或借助Cisco FMC向其他Firepower传感器发送CLI命令利用该漏洞修改设备配置或删除文件。以下产品受到影响:Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services;Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls;FirePOWER 7000 Series Appliances;FirePOWER 8000 Series Appliances;Firepower 2100 Series Security Appliances;Firepower 4100 Series Security Appliances;Firepower 9300 Series Security Appliances;Firepower Management Center;Firepower Threat Defense;Firepower Threat Defense Virtual (FTDv);Virtual Next-Generation Intrusion Prevention System (NGIPSv)。

英文描述:

A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC.

CWE类型:
CWE-264 CWE-78
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
Cisco Cisco FireSIGHT System Software n/a - - cpe:2.3:a:cisco:cisco_firesight_system_software:n_a:*:*:*:*:*:*:*
cisco firepower_threat_defense 5.4.0 - - cpe:2.3:a:cisco:firepower_threat_defense:5.4.0:*:*:*:*:*:*:*
cisco firepower_threat_defense 6.0.0 - - cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*
cisco firepower_threat_defense 6.0.1 - - cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*
cisco firepower_threat_defense 6.1.0 - - cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*
cisco firepower_threat_defense 6.2.0 - - cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*
cisco firepower_threat_defense 6.2.1 - - cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*
cisco firepower_threat_defense 6.2.2 - - cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
20181003 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability vendor-advisory
cve.org
访问
CVSS评分详情
8.2
HIGH
CVSS向量: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVSS版本: 3.0
机密性
HIGH
完整性
HIGH
可用性
HIGH
时间信息
发布时间:
2018-10-05 14:00:00
修改时间:
2024-11-26 14:40:54
创建时间:
2025-11-11 15:34:57
更新时间:
2025-11-11 15:54:04
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2018-0453 2025-11-11 15:19:35 2025-11-11 07:34:57
NVD nvd_CVE-2018-0453 2025-11-11 14:55:59 2025-11-11 07:43:33
CNNVD cnnvd_CNNVD-201810-176 2025-11-11 15:10:05 2025-11-11 07:54:04
版本与语言
当前版本: v3
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v3 CNNVD
2025-11-11 15:54:04
vulnerability_type: 未提取 → 授权问题; cnnvd_id: 未提取 → CNNVD-201810-176; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 授权问题
  • cnnvd_id: 未提取 -> CNNVD-201810-176
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:43:33
severity: SeverityLevel.MEDIUM → SeverityLevel.HIGH; cvss_score: 未提取 → 8.2; cvss_vector: NOT_EXTRACTED → CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H; cvss_version: NOT_EXTRACTED → 3.0; affected_products_count: 1 → 8; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
  • cvss_score: 未提取 -> 8.2
  • cvss_vector: NOT_EXTRACTED -> CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • cvss_version: NOT_EXTRACTED -> 3.0
  • affected_products_count: 1 -> 8
  • data_sources: ['cve'] -> ['cve', 'nvd']