What is CVE-2019-12699?

CVE-2019-12699 is a high-severity vulnerability in Cisco Firepower Extensible Operating System (Fxos), classified under Improper Input Validation. CVSS score: 8.8/10. Published 2019-10-02.

How severe is CVE-2019-12699?

High severity. CVSS v3 base score is 8.8 out of 10.

Improper input validation in Cisco Firepower Extensible Operating System (Fxos)

CVE-2019-12699

Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. The…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (34.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Cisco Firepower Extensible Operating System (Fxos) — versions unspecified

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

20191002 Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2019-12699?: CVE-2019-12699 is a high-severity vulnerability in Cisco Firepower Extensible Operating System (Fxos), classified under Improper Input Validation. CVSS score: 8.8/10. Published 2019-10-02.
How severe is CVE-2019-12699?: High severity. CVSS v3 base score is 8.8 out of 10.