Cisco Firepower Management Center Software Vulnerability: SQL Injection Attacks Possible

CVE-2024-20360

8.8 HIGH

Key Information

Vendor
Cisco
Status
Firepower Management Center
Vendor
CVE Published:
22 May 2024

Badges

💰 Ransomware | 👾 Exploit Exists | 📰 News Worthy

Summary

A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software’s web-based management interface. This vulnerability, tracked as CVE-2024-20360, could allow authenticated, remote attackers to conduct SQL injection attacks on affected systems, potentially leading to unauthorized data access, command execution on the underlying operating system, and privilege escalation to root. Cisco has released software updates to address this critical vulnerability and strongly recommends that all users of affected Cisco FMC Software versions upgrade to the fixed software releases to mitigate the risks associated with this vulnerability.

News Articles

Top Cyber Security Informer Penetration Testing Artificial Intelligence Content for Thu.May 23, 2024

Best content around Penetration Testing Artificial Intelligence selected by the Cyber Security Informer community.

7 months ago

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A vulnerability has been identified in the web-based management interface of Cisco FMC Software, potentially allowing authentication.

7 months ago

Multiple Cisco Products Vulnerabilities - Rewterz

Cisco Firepower Management Center Software is vulnerable to SQL injection.

7 months ago

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 💰 Used in Ransomware
  • 👾 Exploit known to exist
  • 📰 First article discovered by Rewterz
  • Vulnerability published

Collectors

NVD Database
3 News Article(s)