Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device.
History

Tue, 26 Nov 2024 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Cisco secure Firewall Management Center
CPEs cpe:2.3:a:cisco:firepower_management_center:6.2.2:*:*:*:*:*:*:* cpe:2.3:a:cisco:secure_firewall_management_center:6.2.2:*:*:*:*:*:*:*
Vendors & Products Cisco firepower Management Center
Cisco secure Firewall Management Center

Wed, 20 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2019-10-02T19:06:41.886232Z

Updated: 2024-11-20T17:08:12.886Z

Reserved: 2019-06-04T00:00:00

Link: CVE-2019-12682

cve-icon Vulnrichment

Updated: 2024-08-04T23:24:39.163Z

cve-icon NVD

Status : Modified

Published: 2019-10-02T19:15:12.703

Modified: 2024-11-26T16:09:02.407

Link: CVE-2019-12682

cve-icon Redhat

No data.