Cisco Addresses High-Severity Vulnerability in Firepower Management Center
May 27, 2024
Cisco has patched a high-severity vulnerability in the web-based management interface of its Firepower Management Center (FMC) Software. Tracked as CVE-2024-20360 with a CVSS score of 8.8, the flaw is a SQL injection that could allow an authenticated attacker to read any data in the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. Exploitation requires valid credentials, but only at the Read Only level, so any compromised or low-privilege FMC account is enough to reach the bug.
The advisory states, “A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.” It further explains, “This vulnerability exists because the web-based management interface does not adequately validate user input. An attacker could exploit this vulnerability by authenticating to the application and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain any data from the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. To exploit this vulnerability, an attacker would need at least Read Only user credentials.”
Cisco has confirmed that there are no workarounds for this vulnerability; the only remediation is upgrading to a fixed software release. The company also notes that the flaw does not affect Adaptive Security Appliance (ASA) Software or Firepower Threat Defense (FTD) Software. The Cisco Product Security Incident Response Team (PSIRT) is not aware of any exploitation in the wild.
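The bug class behind CVE-2024-20360, user input interpolated into a SQL statement so that a low-privilege account can read tables it was never granted, is easy to see in miniature. The following is an added example written for this page; it is not Cisco's code, the table and column names are hypothetical, and it only shows the data-disclosure half of the advisory (the command execution and root escalation depend on FMC internals the advisory does not describe). It shows the vulnerable query beside the parameterized fix, plus the allowlist check needed for the one case parameters cannot cover, a caller-supplied column name:

```python
"""
Illustration of the SQL injection bug class behind CVE-2024-20360.
Constructed, generic example: NOT Cisco FMC code. All table and column
names are hypothetical, and the data is made up for the demonstration.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample database. A Read Only user is allowed to look up
    # devices by name; the admin_users table is not meant to be readable.
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE devices (id INTEGER PRIMARY KEY, name TEXT, mgmt_ip TEXT);
        INSERT INTO devices (name, mgmt_ip)
            VALUES ('ftd-edge-1', '10.0.0.1'), ('ftd-edge-2', '10.0.0.2');
        CREATE TABLE admin_users (id INTEGER PRIMARY KEY, username TEXT, pw_hash TEXT);
        INSERT INTO admin_users (username, pw_hash)
            VALUES ('admin', '$6$constructed$hashvalue');
        """
    )
    return con


def find_device_vulnerable(con: sqlite3.Connection, name: str) -> list:
    # BUG: the user-controlled value is pasted into the statement text, so a
    # quote character in `name` ends the literal and the rest becomes SQL.
    sql = f"SELECT name, mgmt_ip FROM devices WHERE name = '{name}'"
    return con.execute(sql).fetchall()


def find_device_fixed(con: sqlite3.Connection, name: str) -> list:
    # FIX: the value is bound as a parameter. The driver never lets it alter
    # the statement, so the same payload simply matches no device name.
    sql = "SELECT name, mgmt_ip FROM devices WHERE name = ?"
    return con.execute(sql, (name,)).fetchall()


# Identifiers such as an ORDER BY column cannot be bound as parameters, so
# the only safe option is to validate them against a fixed allowlist.
SORTABLE_COLUMNS = {"name", "mgmt_ip"}


def list_devices_sorted(con: sqlite3.Connection, sort_by: str) -> list:
    if sort_by not in SORTABLE_COLUMNS:
        raise ValueError(f"unsupported sort column: {sort_by!r}")
    return con.execute(
        f"SELECT name, mgmt_ip FROM devices ORDER BY {sort_by}"
    ).fetchall()


# A UNION-based payload: the first SELECT matches nothing, the second pulls
# rows out of a table the caller was never authorised to read, and the
# trailing comment discards the closing quote the application appends.
PAYLOAD = "x' UNION SELECT username, pw_hash FROM admin_users --"


def demo() -> dict:
    con = make_db()
    try:
        list_devices_sorted(con, "name; DROP TABLE devices")
        sort_rejected = False
    except ValueError:
        sort_rejected = True
    return {
        "vulnerable": find_device_vulnerable(con, PAYLOAD),
        "fixed": find_device_fixed(con, PAYLOAD),
        "fixed_normal": find_device_fixed(con, "ftd-edge-1"),
        "sorted_ok": list_devices_sorted(con, "mgmt_ip"),
        "sort_rejected": sort_rejected,
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label}: {rows}")
```

Run as written, the vulnerable lookup returns the admin row from a table the caller should never see, while the parameterized lookup returns nothing for the same payload and still finds a real device by name. The allowlist branch is the detail practitioners most often miss: "parameterize everything" is the right fix for values, but column and table names still need explicit validation, and the advisory's wording ("does not adequately validate user input") covers both failures.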