CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-20412

CVSS 9.3v3.1pub. 2024-10-23upd. 2024-11-05

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Cisco Firepower 1000

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 1010

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 1020

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 1030

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 1040

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 1120

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 1140

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 1150

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 2100

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 2110

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 2120

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 2130

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 2140

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 3105

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 3110

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 3120

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 3130

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 3140

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 4215

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 4225

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 4245

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower Threat Defense

    APP
    Cisco
    7.1.07.1.0.17.1.0.27.1.0.37.2.07.2.0.17.2.17.2.27.2.37.2.47.2.4.17.2.57.2.5.17.2.5.27.2.6+ 8 więcej
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2025-20333CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE jako root w Cisco ASA i FTD poprzez podatny serwer VPN web

CVE-2025-20363CRITICAL9.0PL ✓ten sam produkt

RCE w web services Cisco ASA, FTD, IOS, IOS XE, IOS XR przez HTTP

CVE-2022-20829CRITICAL9.1ten sam produkt

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of...

CVE-2020-3187CRITICAL9.1ten sam produkt

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Fi...

CVE-2018-0101CRITICAL10.0ten sam produkt

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (...