CVE-2017-3822
Description
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.299
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Firepower Device Manager Arbitrary Audit Log Entry Vulnerability For Cisco Firepower NGFW | NCM |
| Improper Input Validation Vulnerability (CVE-2017-3822) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1704532 | Security Update for Cisco Firepower NGFW 6.2.0 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234