How severe is CVE-2019-12675?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.2 out of 10.

What type of vulnerability is CVE-2019-12675?

This is classified as CWE-216, which is a common weakness in software security.

CVE-2019-12675

HIGH Year: 2019

CVSS v3 Score

8.2

High

CVSS v2 Score

7.2

High

Weakness Type

CWE-216

View all →

Vulnerability Description

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

CVE-2019-12674

HIGH

CVSS:8.2(High)

CWE-2162019

CVE-2019-1911

HIGH

CVSS:7.8(High)

A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is...

CWE-2162019

CVE-2020-3514

MEDIUM

CVSS:6.7(Medium)

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and exe...

CWE-2162020