Lucene search

CiscoCISCO-SA-20200122-FMC-AUTH

HistoryJan 22, 2020 - 4:00 p.m.

Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability

2020-01-2216:00:00

tools.cisco.com

EPSS

0.002

Percentile

61.1%

JSON

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth”]

Affected configurations

Vulners

Node

ciscofirepower_management_centerMatch6.0

ciscofirepower_management_centerMatch6.1

ciscofirepower_management_centerMatch6.2

ciscofirepower_management_centerMatch6.3

ciscofirepower_management_centerMatch6.4

ciscofirepower_management_centerMatch6.5

ciscocisco_firepower_management_center_baseMatchany

ciscofirepower_management_centerMatch6.0.0

ciscofirepower_management_centerMatch6.0.1

ciscofirepower_management_centerMatch6.0.0.1

ciscofirepower_management_centerMatch6.0.0.0

ciscofirepower_management_centerMatch6.0.1.1

ciscofirepower_management_centerMatch6.0.1.3

ciscofirepower_management_centerMatch6.0.1.2

ciscofirepower_management_centerMatch6.0.1.4

ciscofirepower_management_centerMatch6.1.0

ciscofirepower_management_centerMatch6.1.0.2

ciscofirepower_management_centerMatch6.1.0.1

ciscofirepower_management_centerMatch6.1.0.3

ciscofirepower_management_centerMatch6.1.0.4

ciscofirepower_management_centerMatch6.1.0.5

ciscofirepower_management_centerMatch6.1.0.6

ciscofirepower_management_centerMatch6.1.0.7

ciscocisco_firepower_management_center_baseMatchany

ciscofirepower_management_centerMatch6.2.0

ciscofirepower_management_centerMatch6.2.1

ciscofirepower_management_centerMatch6.2.2

ciscofirepower_management_centerMatch6.2.0.2

ciscofirepower_management_centerMatch6.2.0.1

ciscofirepower_management_centerMatch6.2.0.3

ciscofirepower_management_centerMatch6.2.0.4

ciscofirepower_management_centerMatch6.2.0.5

ciscofirepower_management_centerMatch6.2.0.6

ciscofirepower_management_centerMatch6.2.0.7

ciscofirepower_management_centerMatch6.2.2.1

ciscofirepower_management_centerMatch6.2.2.2

ciscofirepower_management_centerMatch6.2.2.3

ciscofirepower_management_centerMatch6.2.2.4

ciscofirepower_management_centerMatch6.2.3

ciscofirepower_management_centerMatch6.2.3.1

ciscofirepower_management_centerMatch6.2.3.2

ciscofirepower_management_centerMatch6.2.3.3

ciscofirepower_management_centerMatch6.2.3.4

ciscofirepower_management_centerMatch6.2.3.5

ciscofirepower_management_centerMatch6.2.3.6

ciscofirepower_management_centerMatch6.2.3.7

ciscofirepower_management_centerMatch6.2.3.9

ciscofirepower_management_centerMatch6.2.3.10

ciscofirepower_management_centerMatch6.2.3.11

ciscofirepower_management_centerMatch6.2.3.12

ciscofirepower_management_centerMatch6.2.3.13

ciscofirepower_management_centerMatch6.2.3.14

ciscofirepower_management_centerMatch6.3.0

ciscofirepower_management_centerMatch6.3.0.1

ciscofirepower_management_centerMatch6.3.0.2

ciscofirepower_management_centerMatch6.3.0.3

ciscofirepower_management_centerMatch6.4.0

ciscofirepower_management_centerMatch6.4.0.1

ciscofirepower_management_centerMatch6.4.0.3

ciscofirepower_management_centerMatch6.5.0

VendorProductVersionCPE
ciscofirepower_management_center6.0cpe:2.3:a:cisco:firepower_management_center:6.0:*:*:*:*:*:*:*
ciscofirepower_management_center6.1cpe:2.3:a:cisco:firepower_management_center:6.1:*:*:*:*:*:*:*
ciscofirepower_management_center6.2cpe:2.3:a:cisco:firepower_management_center:6.2:*:*:*:*:*:*:*
ciscofirepower_management_center6.3cpe:2.3:a:cisco:firepower_management_center:6.3:*:*:*:*:*:*:*
ciscofirepower_management_center6.4cpe:2.3:a:cisco:firepower_management_center:6.4:*:*:*:*:*:*:*
ciscofirepower_management_center6.5cpe:2.3:a:cisco:firepower_management_center:6.5:*:*:*:*:*:*:*
ciscocisco_firepower_management_center_baseanycpe:2.3:a:cisco:cisco_firepower_management_center_base:any:*:*:*:*:*:*:*
ciscofirepower_management_center6.0.0cpe:2.3:a:cisco:firepower_management_center:6.0.0:*:*:*:*:*:*:*
ciscofirepower_management_center6.0.1cpe:2.3:a:cisco:firepower_management_center:6.0.1:*:*:*:*:*:*:*
ciscofirepower_management_center6.0.0.1cpe:2.3:a:cisco:firepower_management_center:6.0.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	firepower_management_center	6.0	cpe:2.3:a:cisco:firepower_management_center:6.0:::::::*
cisco	firepower_management_center	6.1	cpe:2.3:a:cisco:firepower_management_center:6.1:::::::*
cisco	firepower_management_center	6.2	cpe:2.3:a:cisco:firepower_management_center:6.2:::::::*
cisco	firepower_management_center	6.3	cpe:2.3:a:cisco:firepower_management_center:6.3:::::::*
cisco	firepower_management_center	6.4	cpe:2.3:a:cisco:firepower_management_center:6.4:::::::*
cisco	firepower_management_center	6.5	cpe:2.3:a:cisco:firepower_management_center:6.5:::::::*
cisco	cisco_firepower_management_center_base	any	cpe:2.3:a:cisco:cisco_firepower_management_center_base:any:::::::*
cisco	firepower_management_center	6.0.0	cpe:2.3:a:cisco:firepower_management_center:6.0.0:::::::*
cisco	firepower_management_center	6.0.1	cpe:2.3:a:cisco:firepower_management_center:6.0.1:::::::*
cisco	firepower_management_center	6.0.0.1	cpe:2.3:a:cisco:firepower_management_center:6.0.0.1:::::::*