Cisco Secure Firewall Management Center HTML Injection Vulnerability
CVE-2024-20274

5.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Firepower Management Center
Vendor: CVE Published:; 23 October 2024

Badges

👾 Exploit Exists

Summary

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document.

This vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, access arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To successfully exploit this vulnerability, an attacker would need valid credentials for a user account with policy-editing permissions, such as Network Admin, Intrusion Admin, or any custom user role with the same capabilities.

Affected Version(s)

Cisco Firepower Management Center 6.2.3.12

Cisco Firepower Management Center 6.2.3.1

Cisco Firepower Management Center 6.2.3.10

References

https://sec.cloudapps.cisco.com/security/center/content/C...

https://sec.cloudapps.cisco.com/security/center/viewErp.x...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

👾
Exploit known to exist
Oct 24, 2024
Vulnerability published
Oct 23, 2024