Lucene search

CiscoCVELIST:CVE-2021-34763

HistoryOct 27, 2021 - 6:55 p.m.

CVE-2021-34763 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities

2021-10-2718:55:41

CWE-601

cisco

www.cve.org

cisco

firepower management center

xss

open redirect

vulnerabilities

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.

CNA Affected

[
  {
    "product": "Cisco Firepower Management Center",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg