{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-27T21:54:20.836","vulnerabilities":[{"cve":{"id":"CVE-2019-12699","sourceIdentifier":"psirt@cisco.com","published":"2019-10-02T19:15:13.733","lastModified":"2024-11-21T04:23:23.350","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges."},{"lang":"es","value":"Múltiples vulnerabilidades en la CLI del Software Cisco FXOS y del Software Cisco Firepower Threat Defense (FTD), podrían permitir a un atacante local autenticado ejecutar comandos en el sistema operativo (SO) subyacente con privilegios de root. Estas vulnerabilidades son debido a una comprobación de entrada insuficiente. Un atacante podría explotar estas vulnerabilidades mediante la incorporación de argumentos diseñados en comandos específicos de la CLI. Una explotación con éxito podría permitir al atacante ejecutar comandos sobre el sistema operativo subyacente con privilegios de root."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(1.214\\):*:*:*:*:*:*:*","matchCriteriaId":"161C90D0-2257-48B6-A77F-D3BDBE129B04"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(1.216\\):*:*:*:*:*:*:*","matchCriteriaId":"92DD9BE2-301F-4773-8028-CFE376E775FC"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_9300_firmware:2.4\\(2.54\\):*:*:*:*:*:*:*","matchCriteriaId":"AFA20FE6-2364-43C9-BCD4-720159BD08B5"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_9300_firmware:r241:*:*:*:*:*:*:*","matchCriteriaId":"D9204F1F-5094-40F5-88C2-A709E599FFE8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*","matchCriteriaId":"07DAFDDA-718B-4B69-A524-B0CEB80FE960"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionEndIncluding":"6.1.0","matchCriteriaId":"BC5F3455-0918-4F29-987F-376FF74F8CE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndExcluding":"6.2.3.14","matchCriteriaId":"3C50547D-4EEE-40B2-80F3-DC0059DF5B27"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3.0","versionEndExcluding":"6.3.0.3","matchCriteriaId":"9A16803C-579C-4992-B37E-7CEC17307659"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*","matchCriteriaId":"E6F79864-CA70-4192-AC2C-E174DF3F25B2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*","matchCriteriaId":"D23A26EF-5B43-437C-A962-4FC69D8A0FF4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0","versionEndExcluding":"2.2.2.101","matchCriteriaId":"E80B3246-5C14-4F5E-B105-DA354CE54E99"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"2.3","versionEndExcluding":"2.3.1.155","matchCriteriaId":"3D69E67A-C3CE-4714-9DFF-6D4FAD4FA3BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"2.4","versionEndExcluding":"2.4.1.238","matchCriteriaId":"205AC1E3-B978-45B9-A6C2-FDCC7EBB73D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*","matchCriteriaId":"9E9552E6-0B9B-4B32-BE79-90D4E3887A7B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300:*:*:*:*:*:*:*:*","matchCriteriaId":"C5F3E15A-5407-4C25-97AF-7E53173C6892"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}