OpenCVE

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately validate user input. An attacker could exploit this vulnerability by authenticating to the application and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain any data from the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. To exploit this vulnerability, an attacker would need at least Read Only user credentials.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Secure Firewall Management Center

Configuration 1 [-]

cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs

History

Tue, 26 Nov 2024 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco secure Firewall Management Center
CPEs	cpe:2.3:a:cisco:firepower_management_center::::::::	cpe:2.3:a:cisco:secure_firewall_management_center::::::::
Vendors & Products	Cisco firepower Management Center	Cisco secure Firewall Management Center

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-05-22T17:46:25.091Z

Updated: 2024-08-01T21:59:42.328Z

Reserved: 2023-11-08T15:08:07.650Z

Link: CVE-2024-20360

Vulnrichment

Updated: 2024-08-01T21:59:42.328Z

NVD

Status : Modified

Published: 2024-05-22T18:15:09.493

Modified: 2024-11-26T16:09:02.407

Link: CVE-2024-20360

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20360", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.650Z", "datePublished": "2024-05-22T17:46:25.091Z", "dateUpdated": "2024-08-01T21:59:42.328Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-05-22T17:46:25.091Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately validate user input. An attacker could exploit this vulnerability by authenticating to the application and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain any data from the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. To exploit this vulnerability, an attacker would need at least Read Only user credentials."}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Management Center", "versions": [{"version": "7.0.0", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "7.0.4", "status": "affected"}, {"version": "7.0.5", "status": "affected"}, {"version": "7.0.6", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}, {"version": "7.1.0.3", "status": "affected"}, {"version": "7.2.0", "status": "affected"}, {"version": "7.2.1", "status": "affected"}, {"version": "7.2.2", "status": "affected"}, {"version": "7.2.0.1", "status": "affected"}, {"version": "7.2.3", "status": "affected"}, {"version": "7.2.3.1", "status": "affected"}, {"version": "7.2.4", "status": "affected"}, {"version": "7.2.4.1", "status": "affected"}, {"version": "7.2.5", "status": "affected"}, {"version": "7.3.0", "status": "affected"}, {"version": "7.3.1", "status": "affected"}, {"version": "7.3.1.1", "status": "affected"}, {"version": "7.3.1.2", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "cwe", "cweId": "CWE-89"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs", "name": "cisco-sa-fmc-sqli-WFFDnNOs"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-fmc-sqli-WFFDnNOs", "discovery": "INTERNAL", "defects": ["CSCwf92182"]}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20360", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-23T14:29:11.291846Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "firepower_management_center", "versions": [{"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.0.6"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.3.1"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.2.4.1"}, {"status": "affected", "version": "7.2.5"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:40:39.489Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:42.328Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs", "name": "cisco-sa-fmc-sqli-WFFDnNOs", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs", "name": "cisco-sa-fmc-sqli-WFFDnNOs", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:42.328Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20360", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-23T14:29:11.291846Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "firepower_management_center", "versions": [{"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.0.6"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.3.1"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.2.4.1"}, {"status": "affected", "version": "7.2.5"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T14:29:40.268Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"source": {"defects": ["CSCwf92182"], "advisory": "cisco-sa-fmc-sqli-WFFDnNOs", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Management Center", "versions": [{"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.0.6"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.3.1"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.2.4.1"}, {"status": "affected", "version": "7.2.5"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs", "name": "cisco-sa-fmc-sqli-WFFDnNOs"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately validate user input. An attacker could exploit this vulnerability by authenticating to the application and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain any data from the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. To exploit this vulnerability, an attacker would need at least Read Only user credentials."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-89", "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-05-22T17:46:25.091Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20360", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:59:42.328Z", "dateReserved": "2023-11-08T15:08:07.650Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-05-22T17:46:25.091Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAE1861C-6B41-491C-B050-A4301734586F", "versionEndIncluding": "7.3.1.2", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately validate user input. An attacker could exploit this vulnerability by authenticating to the application and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain any data from the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. To exploit this vulnerability, an attacker would need at least Read Only user credentials."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n SQL en un sistema afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida adecuadamente la entrada del usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la aplicaci\u00f3n y enviando consultas SQL manipuladas a un sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante obtener datos de la base de datos, ejecutar comandos arbitrarios en el sistema operativo subyacente y elevar los privilegios a root. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda al menos credenciales de usuario de s\u00f3lo lectura."}], "id": "CVE-2024-20360", "lastModified": "2024-11-26T16:09:02.407", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-22T18:15:09.493", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}