CVE-2024-20471 (GCVE-0-2024-20471)
Vulnerability from cvelistv5 – Published: 2024-10-23 17:47 – Updated: 2024-10-24 14:26
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
This vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges.
Severity ?
6.5 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Management Center |
Affected:
6.2.3
Affected: 6.2.3.1 Affected: 6.2.3.2 Affected: 6.2.3.3 Affected: 6.2.3.4 Affected: 6.2.3.5 Affected: 6.2.3.6 Affected: 6.2.3.7 Affected: 6.2.3.9 Affected: 6.2.3.10 Affected: 6.2.3.11 Affected: 6.2.3.12 Affected: 6.2.3.13 Affected: 6.2.3.14 Affected: 6.2.3.15 Affected: 6.2.3.8 Affected: 6.2.3.16 Affected: 6.2.3.17 Affected: 6.2.3.18 Affected: 6.4.0 Affected: 6.4.0.1 Affected: 6.4.0.3 Affected: 6.4.0.2 Affected: 6.4.0.4 Affected: 6.4.0.5 Affected: 6.4.0.6 Affected: 6.4.0.7 Affected: 6.4.0.8 Affected: 6.4.0.9 Affected: 6.4.0.10 Affected: 6.4.0.11 Affected: 6.4.0.12 Affected: 6.4.0.13 Affected: 6.4.0.14 Affected: 6.4.0.15 Affected: 6.4.0.16 Affected: 6.4.0.17 Affected: 6.4.0.18 Affected: 6.6.0 Affected: 6.6.0.1 Affected: 6.6.1 Affected: 6.6.3 Affected: 6.6.4 Affected: 6.6.5 Affected: 6.6.5.1 Affected: 6.6.5.2 Affected: 6.6.7 Affected: 6.6.7.1 Affected: 6.6.7.2 Affected: 6.7.0 Affected: 6.7.0.1 Affected: 6.7.0.2 Affected: 6.7.0.3 Affected: 7.0.0 Affected: 7.0.0.1 Affected: 7.0.1 Affected: 7.0.1.1 Affected: 7.0.2 Affected: 7.0.2.1 Affected: 7.0.3 Affected: 7.0.4 Affected: 7.0.5 Affected: 7.0.6 Affected: 7.0.6.1 Affected: 7.0.6.2 Affected: 7.1.0 Affected: 7.1.0.1 Affected: 7.1.0.2 Affected: 7.1.0.3 Affected: 7.2.0 Affected: 7.2.1 Affected: 7.2.2 Affected: 7.2.0.1 Affected: 7.2.3 Affected: 7.2.3.1 Affected: 7.2.4 Affected: 7.2.4.1 Affected: 7.2.5 Affected: 7.2.5.1 Affected: 7.2.6 Affected: 7.2.7 Affected: 7.2.5.2 Affected: 7.2.8 Affected: 7.2.8.1 Affected: 7.3.0 Affected: 7.3.1 Affected: 7.3.1.1 Affected: 7.3.1.2 Affected: 7.4.0 Affected: 7.4.1 Affected: 7.4.1.1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "firepower_management_center",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.2.3.1"
},
{
"status": "affected",
"version": "6.2.3.2"
},
{
"status": "affected",
"version": "6.2.3.3"
},
{
"status": "affected",
"version": "6.2.3.4"
},
{
"status": "affected",
"version": "6.2.3.5"
},
{
"status": "affected",
"version": "6.2.3.6"
},
{
"status": "affected",
"version": "6.2.3.7"
},
{
"status": "affected",
"version": "6.2.3.9"
},
{
"status": "affected",
"version": "6.2.3.10"
},
{
"status": "affected",
"version": "6.2.3.11"
},
{
"status": "affected",
"version": "6.2.3.12"
},
{
"status": "affected",
"version": "6.2.3.13"
},
{
"status": "affected",
"version": "6.2.3.14"
},
{
"status": "affected",
"version": "6.2.3.15"
},
{
"status": "affected",
"version": "6.2.3.8"
},
{
"status": "affected",
"version": "6.2.3.16"
},
{
"status": "affected",
"version": "6.2.3.17"
},
{
"status": "affected",
"version": "6.2.3.18"
},
{
"status": "affected",
"version": "6.4.0"
},
{
"status": "affected",
"version": "6.4.0.1"
},
{
"status": "affected",
"version": "6.4.0.3"
},
{
"status": "affected",
"version": "6.4.0.2"
},
{
"status": "affected",
"version": "6.4.0.4"
},
{
"status": "affected",
"version": "6.4.0.5"
},
{
"status": "affected",
"version": "6.4.0.6"
},
{
"status": "affected",
"version": "6.4.0.7"
},
{
"status": "affected",
"version": "6.4.0.8"
},
{
"status": "affected",
"version": "6.4.0.9"
},
{
"status": "affected",
"version": "6.4.0.10"
},
{
"status": "affected",
"version": "6.4.0.11"
},
{
"status": "affected",
"version": "6.4.0.12"
},
{
"status": "affected",
"version": "6.4.0.13"
},
{
"status": "affected",
"version": "6.4.0.14"
},
{
"status": "affected",
"version": "6.4.0.15"
},
{
"status": "affected",
"version": "6.4.0.16"
},
{
"status": "affected",
"version": "6.4.0.17"
},
{
"status": "affected",
"version": "6.4.0.18"
},
{
"status": "affected",
"version": "6.6.0"
},
{
"status": "affected",
"version": "6.6.0.1"
},
{
"status": "affected",
"version": "6.6.1"
},
{
"status": "affected",
"version": "6.6.3"
},
{
"status": "affected",
"version": "6.6.4"
},
{
"status": "affected",
"version": "6.6.5"
},
{
"status": "affected",
"version": "6.6.5.1"
},
{
"status": "affected",
"version": "6.6.5.2"
},
{
"status": "affected",
"version": "6.6.7"
},
{
"status": "affected",
"version": "6.6.7.1"
},
{
"status": "affected",
"version": "6.6.7.2"
},
{
"status": "affected",
"version": "6.7.0"
},
{
"status": "affected",
"version": "6.7.0.1"
},
{
"status": "affected",
"version": "6.7.0.2"
},
{
"status": "affected",
"version": "6.7.0.3"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.0.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.0.2.1"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.0.6"
},
{
"status": "affected",
"version": "7.0.6.1"
},
{
"status": "affected",
"version": "7.0.6.2"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.1.0.1"
},
{
"status": "affected",
"version": "7.1.0.2"
},
{
"status": "affected",
"version": "7.1.0.3"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.2.0.1"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.2.3.1"
},
{
"status": "affected",
"version": "7.2.4"
},
{
"status": "affected",
"version": "7.2.4.1"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "7.2.5.1"
},
{
"status": "affected",
"version": "7.2.6"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.2.5.2"
},
{
"status": "affected",
"version": "7.2.8"
},
{
"status": "affected",
"version": "7.2.8.1"
},
{
"status": "affected",
"version": "7.3.0"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.3.1.1"
},
{
"status": "affected",
"version": "7.3.1.2"
},
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20471",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T14:16:17.727790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T14:26:22.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.2.3.1"
},
{
"status": "affected",
"version": "6.2.3.2"
},
{
"status": "affected",
"version": "6.2.3.3"
},
{
"status": "affected",
"version": "6.2.3.4"
},
{
"status": "affected",
"version": "6.2.3.5"
},
{
"status": "affected",
"version": "6.2.3.6"
},
{
"status": "affected",
"version": "6.2.3.7"
},
{
"status": "affected",
"version": "6.2.3.9"
},
{
"status": "affected",
"version": "6.2.3.10"
},
{
"status": "affected",
"version": "6.2.3.11"
},
{
"status": "affected",
"version": "6.2.3.12"
},
{
"status": "affected",
"version": "6.2.3.13"
},
{
"status": "affected",
"version": "6.2.3.14"
},
{
"status": "affected",
"version": "6.2.3.15"
},
{
"status": "affected",
"version": "6.2.3.8"
},
{
"status": "affected",
"version": "6.2.3.16"
},
{
"status": "affected",
"version": "6.2.3.17"
},
{
"status": "affected",
"version": "6.2.3.18"
},
{
"status": "affected",
"version": "6.4.0"
},
{
"status": "affected",
"version": "6.4.0.1"
},
{
"status": "affected",
"version": "6.4.0.3"
},
{
"status": "affected",
"version": "6.4.0.2"
},
{
"status": "affected",
"version": "6.4.0.4"
},
{
"status": "affected",
"version": "6.4.0.5"
},
{
"status": "affected",
"version": "6.4.0.6"
},
{
"status": "affected",
"version": "6.4.0.7"
},
{
"status": "affected",
"version": "6.4.0.8"
},
{
"status": "affected",
"version": "6.4.0.9"
},
{
"status": "affected",
"version": "6.4.0.10"
},
{
"status": "affected",
"version": "6.4.0.11"
},
{
"status": "affected",
"version": "6.4.0.12"
},
{
"status": "affected",
"version": "6.4.0.13"
},
{
"status": "affected",
"version": "6.4.0.14"
},
{
"status": "affected",
"version": "6.4.0.15"
},
{
"status": "affected",
"version": "6.4.0.16"
},
{
"status": "affected",
"version": "6.4.0.17"
},
{
"status": "affected",
"version": "6.4.0.18"
},
{
"status": "affected",
"version": "6.6.0"
},
{
"status": "affected",
"version": "6.6.0.1"
},
{
"status": "affected",
"version": "6.6.1"
},
{
"status": "affected",
"version": "6.6.3"
},
{
"status": "affected",
"version": "6.6.4"
},
{
"status": "affected",
"version": "6.6.5"
},
{
"status": "affected",
"version": "6.6.5.1"
},
{
"status": "affected",
"version": "6.6.5.2"
},
{
"status": "affected",
"version": "6.6.7"
},
{
"status": "affected",
"version": "6.6.7.1"
},
{
"status": "affected",
"version": "6.6.7.2"
},
{
"status": "affected",
"version": "6.7.0"
},
{
"status": "affected",
"version": "6.7.0.1"
},
{
"status": "affected",
"version": "6.7.0.2"
},
{
"status": "affected",
"version": "6.7.0.3"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.0.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.0.2.1"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.0.6"
},
{
"status": "affected",
"version": "7.0.6.1"
},
{
"status": "affected",
"version": "7.0.6.2"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.1.0.1"
},
{
"status": "affected",
"version": "7.1.0.2"
},
{
"status": "affected",
"version": "7.1.0.3"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.2.0.1"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.2.3.1"
},
{
"status": "affected",
"version": "7.2.4"
},
{
"status": "affected",
"version": "7.2.4.1"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "7.2.5.1"
},
{
"status": "affected",
"version": "7.2.6"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.2.5.2"
},
{
"status": "affected",
"version": "7.2.8"
},
{
"status": "affected",
"version": "7.2.8.1"
},
{
"status": "affected",
"version": "7.3.0"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.3.1.1"
},
{
"status": "affected",
"version": "7.3.1.2"
},
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\r\n\r This vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T17:47:42.116Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-fmc-sql-inj-LOYAFcfq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inj-LOYAFcfq"
}
],
"source": {
"advisory": "cisco-sa-fmc-sql-inj-LOYAFcfq",
"defects": [
"CSCwi78596"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20471",
"datePublished": "2024-10-23T17:47:42.116Z",
"dateReserved": "2023-11-08T15:08:07.681Z",
"dateUpdated": "2024-10-24T14:26:22.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6175407A-207E-4844-B150-EA0129C4CBBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45B6E615-F42A-468F-8E40-AD28994B4B1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4B08264-DA65-4BFF-A973-FF733C7325B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE2A5330-8180-48CE-B22A-1CF24B7B1631\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACC1D72F-9542-4A62-AA90-C0E6B2095068\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4F3A97A-3359-40C7-95B0-2AB41C067141\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B68BA14B-1752-4F05-9331-D556247462C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DE72ABB-B573-43CC-A2AC-D81807970BD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"535E8ECF-5CE5-4E78-A9EF-6167F4C59C45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AE3F1C4-8C7A-48AA-83E5-6F832FA94DD3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C40B7DC8-220C-4C34-A370-F1EB4B3F9EF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DB186DC-6C03-4868-8218-06BEFC0CE400\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B29670B8-F2D3-46D7-8F34-F44B320DD6FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F04DDF5-2058-4208-A608-3673872450EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9A483AC-A8CF-439C-9009-4DFAB0484BCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94E7D836-46E5-4CD5-8BDC-4697D915FE05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06220CB8-7F16-4D3C-A835-558D5F4D97ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82917F5C-CF20-4D97-A981-FE3F8476CCFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47E42025-1D1E-4390-AC21-9A1B0FBE8D82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52651664-CA65-4812-8226-E104E1BE7864\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64E0FDB2-D5A4-4749-A182-B0B145DC00D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23B58490-C403-44D5-BDB9-88FAD19ABC2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE33A280-84E4-4B5B-AB31-7A78754413F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA3F9410-02E1-4FE9-9A4B-E504515F4615\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AAAF924-1ADE-4267-9957-DF060D1D3538\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D02863A-1355-4FFE-A6BD-C912697774A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"704E4D3D-D1D2-48D8-A68C-227CC92A1C1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80A3D0F1-DA29-4A66-A698-082DB0CFA4B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6B9B536-ADF9-4CE1-86EC-07BCDD65FB92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1755E718-C726-442B-B203-E9536C546DF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB80FC39-0FCE-49F7-9A28-CE733DBB3572\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F61496C8-9ADE-4A4E-9788-447050691727\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0780AD6-4F38-4400-AA63-E41879F74B68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86BA5BA6-1F79-4C89-A3F4-A56E2B664AED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52C7994F-AA17-467B-919E-A49F0CC9DB47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F007F6B-1EAA-468C-8159-78B020DF1E58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9053FDE-A6BE-4535-AE36-A323F8B7ACA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E255975-F952-43AB-A577-B8D331DDB3AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F9AF68-70BD-46DE-B7F2-97C9BD5182A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1D808CD-B030-4334-A286-9B3A1D35C61D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DFE9115-3E32-4A55-AB5A-83513322FE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09BD6616-B2B9-49B1-AD20-9B13D93C8F2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35A9634E-FCF4-4C67-A463-6BA5F63DD2A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D8CF5AA-7B41-4E98-8E7E-A399AAA510B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8452BA9A-F56C-48E0-BDBA-9095AF78F521\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2CE3B06-353C-4623-9EF4-78814DCB0D7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD968EA0-616D-4A22-A15D-C66918E71761\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE45FF20-1E52-46B6-9B38-07E5A6D6FD6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"249F9108-758A-4118-94C1-BAC747AF45ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"978284EE-8BE8-43ED-ADA0-B90151D83EA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BA140F9-4706-4B05-826E-962A277E625A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E7D3C93-B0FC-475E-9CCA-AA8A2101781D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"270CA092-1AF1-48D4-8695-E7DB694969C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFA94312-376E-4785-888F-3C07612E1DF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29E73FBF-2579-4660-AFFA-7F9607004226\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87FAAFFB-0589-441B-8289-8B8A6E18F705\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73B92119-793D-4A43-A056-24DB6826E759\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"093A0BC2-037C-463F-AFC5-EF11C2954EAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B881B8DF-A96D-4B64-B98A-71F0D3388641\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6A97625-D39C-42D5-89E4-415A868A0972\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E4D83B4-9697-4071-AC9F-7ADC86A6B529\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F81F708-ACED-4E42-8CA9-116B5C4F5141\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C86116B-8475-40A0-A507-D4A7947F5F2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A58A2DA5-3EE7-408D-AAFA-82330F0325B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FA98EEC-2059-4CA9-92F1-72C1E0BB7EC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4C51EE7-866B-410C-B75E-EF260D5062B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F1FFD07-B874-4D3C-8E2C-9A204F1E994E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB5ACB9E-86AF-4EC1-9F36-A202429CD0F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD1E4527-AAE2-4DA9-AFDA-6375839F7843\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F0AF047-EAE9-4C77-BCEF-5CB26F84C742\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2ED03874-4071-4382-8A46-8B3A59E601FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF84E043-DF3C-4A95-8FDA-B0FDCD795377\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9498087-9642-4A86-B3EE-1513C55A86E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36C229AB-2851-48D4-815A-63AAB4462A24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DA4BCFC-8237-4F5C-9863-523EE7D8619B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07693A92-7D84-45A1-ACD6-D83AE41D504B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C78050A-A5FB-427B-BF0D-0353B240A4FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85E76AE7-12AC-4419-AE66-43730B173B4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D803EC9-26EE-4799-A435-C782C92739CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EEF87CD-2335-4886-A65C-4E33775AEC52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"953EB81A-1B53-4A57-9F59-D4A7D37E657E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CB534BC-3E4D-4484-AFD0-69524B1F07F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D401072-6709-4921-8918-720F28D61E24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0EA3467-4205-4C41-AF24-689330F7396B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BE94E38-5F29-4AE1-8129-7F7582C2CC75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEF603AD-D69B-4DD8-A7F4-6BEFD355EF29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6BD1665-7824-4D98-A930-432CBDA4EAD5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8056E69-22FA-4935-A576-916805D90C62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_firewall_management_center:7.4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A80BBBE-DB5E-460A-8621-6E28D2BD6E44\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\\r\\n\\r This vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la interfaz de administraci\\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC) podr\\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\\u00f3n SQL en un sistema afectado. Esta vulnerabilidad existe porque la interfaz de administraci\\u00f3n basada en web no valida adecuadamente la entrada del usuario. Un atacante podr\\u00eda aprovechar esta vulnerabilidad autentic\\u00e1ndose en la aplicaci\\u00f3n como administrador y enviando consultas SQL manipuladas a un sistema afectado. Una explotaci\\u00f3n exitosa podr\\u00eda permitir al atacante obtener datos no autorizados de la base de datos y realizar cambios en el sistema. Para aprovechar esta vulnerabilidad, un atacante necesitar\\u00eda privilegios de nivel de administrador.\"}]",
"id": "CVE-2024-20471",
"lastModified": "2024-11-01T18:16:35.227",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.2}]}",
"published": "2024-10-23T18:15:10.773",
"references": "[{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inj-LOYAFcfq\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-20471\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2024-10-23T18:15:10.773\",\"lastModified\":\"2024-11-01T18:16:35.227\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\\r\\n\\r This vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Secure Firewall Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n SQL en un sistema afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida adecuadamente la entrada del usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la aplicaci\u00f3n como administrador y enviando consultas SQL manipuladas a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener datos no autorizados de la base de datos y realizar cambios en el sistema. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda privilegios de nivel de administrador.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6175407A-207E-4844-B150-EA0129C4CBBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45B6E615-F42A-468F-8E40-AD28994B4B1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4B08264-DA65-4BFF-A973-FF733C7325B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE2A5330-8180-48CE-B22A-1CF24B7B1631\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACC1D72F-9542-4A62-AA90-C0E6B2095068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4F3A97A-3359-40C7-95B0-2AB41C067141\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B68BA14B-1752-4F05-9331-D556247462C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DE72ABB-B573-43CC-A2AC-D81807970BD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"535E8ECF-5CE5-4E78-A9EF-6167F4C59C45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AE3F1C4-8C7A-48AA-83E5-6F832FA94DD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C40B7DC8-220C-4C34-A370-F1EB4B3F9EF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB186DC-6C03-4868-8218-06BEFC0CE400\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29670B8-F2D3-46D7-8F34-F44B320DD6FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F04DDF5-2058-4208-A608-3673872450EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9A483AC-A8CF-439C-9009-4DFAB0484BCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94E7D836-46E5-4CD5-8BDC-4697D915FE05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06220CB8-7F16-4D3C-A835-558D5F4D97ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82917F5C-CF20-4D97-A981-FE3F8476CCFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47E42025-1D1E-4390-AC21-9A1B0FBE8D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52651664-CA65-4812-8226-E104E1BE7864\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64E0FDB2-D5A4-4749-A182-B0B145DC00D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23B58490-C403-44D5-BDB9-88FAD19ABC2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE33A280-84E4-4B5B-AB31-7A78754413F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3F9410-02E1-4FE9-9A4B-E504515F4615\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AAAF924-1ADE-4267-9957-DF060D1D3538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D02863A-1355-4FFE-A6BD-C912697774A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"704E4D3D-D1D2-48D8-A68C-227CC92A1C1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80A3D0F1-DA29-4A66-A698-082DB0CFA4B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B9B536-ADF9-4CE1-86EC-07BCDD65FB92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1755E718-C726-442B-B203-E9536C546DF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB80FC39-0FCE-49F7-9A28-CE733DBB3572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F61496C8-9ADE-4A4E-9788-447050691727\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0780AD6-4F38-4400-AA63-E41879F74B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86BA5BA6-1F79-4C89-A3F4-A56E2B664AED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C7994F-AA17-467B-919E-A49F0CC9DB47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F007F6B-1EAA-468C-8159-78B020DF1E58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9053FDE-A6BE-4535-AE36-A323F8B7ACA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E255975-F952-43AB-A577-B8D331DDB3AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F9AF68-70BD-46DE-B7F2-97C9BD5182A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1D808CD-B030-4334-A286-9B3A1D35C61D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DFE9115-3E32-4A55-AB5A-83513322FE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09BD6616-B2B9-49B1-AD20-9B13D93C8F2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35A9634E-FCF4-4C67-A463-6BA5F63DD2A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D8CF5AA-7B41-4E98-8E7E-A399AAA510B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8452BA9A-F56C-48E0-BDBA-9095AF78F521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2CE3B06-353C-4623-9EF4-78814DCB0D7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD968EA0-616D-4A22-A15D-C66918E71761\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE45FF20-1E52-46B6-9B38-07E5A6D6FD6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"249F9108-758A-4118-94C1-BAC747AF45ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"978284EE-8BE8-43ED-ADA0-B90151D83EA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BA140F9-4706-4B05-826E-962A277E625A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E7D3C93-B0FC-475E-9CCA-AA8A2101781D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"270CA092-1AF1-48D4-8695-E7DB694969C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFA94312-376E-4785-888F-3C07612E1DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E73FBF-2579-4660-AFFA-7F9607004226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87FAAFFB-0589-441B-8289-8B8A6E18F705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73B92119-793D-4A43-A056-24DB6826E759\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"093A0BC2-037C-463F-AFC5-EF11C2954EAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B881B8DF-A96D-4B64-B98A-71F0D3388641\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6A97625-D39C-42D5-89E4-415A868A0972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E4D83B4-9697-4071-AC9F-7ADC86A6B529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F81F708-ACED-4E42-8CA9-116B5C4F5141\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C86116B-8475-40A0-A507-D4A7947F5F2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58A2DA5-3EE7-408D-AAFA-82330F0325B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FA98EEC-2059-4CA9-92F1-72C1E0BB7EC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C51EE7-866B-410C-B75E-EF260D5062B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F1FFD07-B874-4D3C-8E2C-9A204F1E994E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB5ACB9E-86AF-4EC1-9F36-A202429CD0F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD1E4527-AAE2-4DA9-AFDA-6375839F7843\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F0AF047-EAE9-4C77-BCEF-5CB26F84C742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ED03874-4071-4382-8A46-8B3A59E601FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF84E043-DF3C-4A95-8FDA-B0FDCD795377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9498087-9642-4A86-B3EE-1513C55A86E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36C229AB-2851-48D4-815A-63AAB4462A24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DA4BCFC-8237-4F5C-9863-523EE7D8619B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07693A92-7D84-45A1-ACD6-D83AE41D504B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C78050A-A5FB-427B-BF0D-0353B240A4FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85E76AE7-12AC-4419-AE66-43730B173B4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D803EC9-26EE-4799-A435-C782C92739CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EEF87CD-2335-4886-A65C-4E33775AEC52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"953EB81A-1B53-4A57-9F59-D4A7D37E657E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CB534BC-3E4D-4484-AFD0-69524B1F07F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D401072-6709-4921-8918-720F28D61E24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0EA3467-4205-4C41-AF24-689330F7396B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BE94E38-5F29-4AE1-8129-7F7582C2CC75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEF603AD-D69B-4DD8-A7F4-6BEFD355EF29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6BD1665-7824-4D98-A930-432CBDA4EAD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8056E69-22FA-4935-A576-916805D90C62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A80BBBE-DB5E-460A-8621-6E28D2BD6E44\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inj-LOYAFcfq\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-20471\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-24T14:16:17.727790Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"firepower_management_center\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.3\"}, {\"status\": \"affected\", \"version\": \"6.2.3.1\"}, {\"status\": \"affected\", \"version\": \"6.2.3.2\"}, {\"status\": \"affected\", \"version\": \"6.2.3.3\"}, {\"status\": \"affected\", \"version\": \"6.2.3.4\"}, {\"status\": \"affected\", \"version\": \"6.2.3.5\"}, {\"status\": \"affected\", \"version\": \"6.2.3.6\"}, {\"status\": \"affected\", \"version\": \"6.2.3.7\"}, {\"status\": \"affected\", \"version\": \"6.2.3.9\"}, {\"status\": \"affected\", \"version\": \"6.2.3.10\"}, {\"status\": \"affected\", \"version\": \"6.2.3.11\"}, {\"status\": \"affected\", \"version\": \"6.2.3.12\"}, {\"status\": \"affected\", \"version\": \"6.2.3.13\"}, {\"status\": \"affected\", \"version\": \"6.2.3.14\"}, {\"status\": \"affected\", \"version\": \"6.2.3.15\"}, {\"status\": \"affected\", \"version\": \"6.2.3.8\"}, {\"status\": \"affected\", \"version\": \"6.2.3.16\"}, {\"status\": \"affected\", \"version\": \"6.2.3.17\"}, {\"status\": \"affected\", \"version\": \"6.2.3.18\"}, {\"status\": \"affected\", \"version\": \"6.4.0\"}, {\"status\": \"affected\", \"version\": \"6.4.0.1\"}, {\"status\": \"affected\", \"version\": \"6.4.0.3\"}, {\"status\": \"affected\", \"version\": \"6.4.0.2\"}, {\"status\": \"affected\", \"version\": \"6.4.0.4\"}, {\"status\": \"affected\", \"version\": \"6.4.0.5\"}, {\"status\": \"affected\", \"version\": \"6.4.0.6\"}, {\"status\": \"affected\", \"version\": \"6.4.0.7\"}, {\"status\": \"affected\", \"version\": \"6.4.0.8\"}, {\"status\": \"affected\", \"version\": \"6.4.0.9\"}, {\"status\": \"affected\", \"version\": \"6.4.0.10\"}, {\"status\": \"affected\", \"version\": \"6.4.0.11\"}, {\"status\": \"affected\", \"version\": \"6.4.0.12\"}, {\"status\": \"affected\", \"version\": \"6.4.0.13\"}, {\"status\": \"affected\", \"version\": \"6.4.0.14\"}, {\"status\": \"affected\", \"version\": \"6.4.0.15\"}, {\"status\": \"affected\", \"version\": \"6.4.0.16\"}, {\"status\": \"affected\", \"version\": \"6.4.0.17\"}, {\"status\": \"affected\", \"version\": \"6.4.0.18\"}, {\"status\": \"affected\", \"version\": \"6.6.0\"}, {\"status\": \"affected\", \"version\": \"6.6.0.1\"}, {\"status\": \"affected\", \"version\": \"6.6.1\"}, {\"status\": \"affected\", \"version\": \"6.6.3\"}, {\"status\": \"affected\", \"version\": \"6.6.4\"}, {\"status\": \"affected\", \"version\": \"6.6.5\"}, {\"status\": \"affected\", \"version\": \"6.6.5.1\"}, {\"status\": \"affected\", \"version\": \"6.6.5.2\"}, {\"status\": \"affected\", \"version\": \"6.6.7\"}, {\"status\": \"affected\", \"version\": \"6.6.7.1\"}, {\"status\": \"affected\", \"version\": \"6.6.7.2\"}, {\"status\": \"affected\", \"version\": \"6.7.0\"}, {\"status\": \"affected\", \"version\": \"6.7.0.1\"}, {\"status\": \"affected\", \"version\": \"6.7.0.2\"}, {\"status\": \"affected\", \"version\": \"6.7.0.3\"}, {\"status\": \"affected\", \"version\": \"7.0.0\"}, {\"status\": \"affected\", \"version\": \"7.0.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.1.1\"}, {\"status\": \"affected\", \"version\": \"7.0.2\"}, {\"status\": \"affected\", \"version\": \"7.0.2.1\"}, {\"status\": \"affected\", \"version\": \"7.0.3\"}, {\"status\": \"affected\", \"version\": \"7.0.4\"}, {\"status\": \"affected\", \"version\": \"7.0.5\"}, {\"status\": \"affected\", \"version\": \"7.0.6\"}, {\"status\": \"affected\", \"version\": \"7.0.6.1\"}, {\"status\": \"affected\", \"version\": \"7.0.6.2\"}, {\"status\": \"affected\", \"version\": \"7.1.0\"}, {\"status\": \"affected\", \"version\": \"7.1.0.1\"}, {\"status\": \"affected\", \"version\": \"7.1.0.2\"}, {\"status\": \"affected\", \"version\": \"7.1.0.3\"}, {\"status\": \"affected\", \"version\": \"7.2.0\"}, {\"status\": \"affected\", \"version\": \"7.2.1\"}, {\"status\": \"affected\", \"version\": \"7.2.2\"}, {\"status\": \"affected\", \"version\": \"7.2.0.1\"}, {\"status\": \"affected\", \"version\": \"7.2.3\"}, {\"status\": \"affected\", \"version\": \"7.2.3.1\"}, {\"status\": \"affected\", \"version\": \"7.2.4\"}, {\"status\": \"affected\", \"version\": \"7.2.4.1\"}, {\"status\": \"affected\", \"version\": \"7.2.5\"}, {\"status\": \"affected\", \"version\": \"7.2.5.1\"}, {\"status\": \"affected\", \"version\": \"7.2.6\"}, {\"status\": \"affected\", \"version\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.2.5.2\"}, {\"status\": \"affected\", \"version\": \"7.2.8\"}, {\"status\": \"affected\", \"version\": \"7.2.8.1\"}, {\"status\": \"affected\", \"version\": \"7.3.0\"}, {\"status\": \"affected\", \"version\": \"7.3.1\"}, {\"status\": \"affected\", \"version\": \"7.3.1.1\"}, {\"status\": \"affected\", \"version\": \"7.3.1.2\"}, {\"status\": \"affected\", \"version\": \"7.4.0\"}, {\"status\": \"affected\", \"version\": \"7.4.1\"}, {\"status\": \"affected\", \"version\": \"7.4.1.1\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-24T14:25:53.638Z\"}}], \"cna\": {\"source\": {\"defects\": [\"CSCwi78596\"], \"advisory\": \"cisco-sa-fmc-sql-inj-LOYAFcfq\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Firepower Management Center\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.3\"}, {\"status\": \"affected\", \"version\": \"6.2.3.1\"}, {\"status\": \"affected\", \"version\": \"6.2.3.2\"}, {\"status\": \"affected\", \"version\": \"6.2.3.3\"}, {\"status\": \"affected\", \"version\": \"6.2.3.4\"}, {\"status\": \"affected\", \"version\": \"6.2.3.5\"}, {\"status\": \"affected\", \"version\": \"6.2.3.6\"}, {\"status\": \"affected\", \"version\": \"6.2.3.7\"}, {\"status\": \"affected\", \"version\": \"6.2.3.9\"}, {\"status\": \"affected\", \"version\": \"6.2.3.10\"}, {\"status\": \"affected\", \"version\": \"6.2.3.11\"}, {\"status\": \"affected\", \"version\": \"6.2.3.12\"}, {\"status\": \"affected\", \"version\": \"6.2.3.13\"}, {\"status\": \"affected\", \"version\": \"6.2.3.14\"}, {\"status\": \"affected\", \"version\": \"6.2.3.15\"}, {\"status\": \"affected\", \"version\": \"6.2.3.8\"}, {\"status\": \"affected\", \"version\": \"6.2.3.16\"}, {\"status\": \"affected\", \"version\": \"6.2.3.17\"}, {\"status\": \"affected\", \"version\": \"6.2.3.18\"}, {\"status\": \"affected\", \"version\": \"6.4.0\"}, {\"status\": \"affected\", \"version\": \"6.4.0.1\"}, {\"status\": \"affected\", \"version\": \"6.4.0.3\"}, {\"status\": \"affected\", \"version\": \"6.4.0.2\"}, {\"status\": \"affected\", \"version\": \"6.4.0.4\"}, {\"status\": \"affected\", \"version\": \"6.4.0.5\"}, {\"status\": \"affected\", \"version\": \"6.4.0.6\"}, {\"status\": \"affected\", \"version\": \"6.4.0.7\"}, {\"status\": \"affected\", \"version\": \"6.4.0.8\"}, {\"status\": \"affected\", \"version\": \"6.4.0.9\"}, {\"status\": \"affected\", \"version\": \"6.4.0.10\"}, {\"status\": \"affected\", \"version\": \"6.4.0.11\"}, {\"status\": \"affected\", \"version\": \"6.4.0.12\"}, {\"status\": \"affected\", \"version\": \"6.4.0.13\"}, {\"status\": \"affected\", \"version\": \"6.4.0.14\"}, {\"status\": \"affected\", \"version\": \"6.4.0.15\"}, {\"status\": \"affected\", \"version\": \"6.4.0.16\"}, {\"status\": \"affected\", \"version\": \"6.4.0.17\"}, {\"status\": \"affected\", \"version\": \"6.4.0.18\"}, {\"status\": \"affected\", \"version\": \"6.6.0\"}, {\"status\": \"affected\", \"version\": \"6.6.0.1\"}, {\"status\": \"affected\", \"version\": \"6.6.1\"}, {\"status\": \"affected\", \"version\": \"6.6.3\"}, {\"status\": \"affected\", \"version\": \"6.6.4\"}, {\"status\": \"affected\", \"version\": \"6.6.5\"}, {\"status\": \"affected\", \"version\": \"6.6.5.1\"}, {\"status\": \"affected\", \"version\": \"6.6.5.2\"}, {\"status\": \"affected\", \"version\": \"6.6.7\"}, {\"status\": \"affected\", \"version\": \"6.6.7.1\"}, {\"status\": \"affected\", \"version\": \"6.6.7.2\"}, {\"status\": \"affected\", \"version\": \"6.7.0\"}, {\"status\": \"affected\", \"version\": \"6.7.0.1\"}, {\"status\": \"affected\", \"version\": \"6.7.0.2\"}, {\"status\": \"affected\", \"version\": \"6.7.0.3\"}, {\"status\": \"affected\", \"version\": \"7.0.0\"}, {\"status\": \"affected\", \"version\": \"7.0.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.1.1\"}, {\"status\": \"affected\", \"version\": \"7.0.2\"}, {\"status\": \"affected\", \"version\": \"7.0.2.1\"}, {\"status\": \"affected\", \"version\": \"7.0.3\"}, {\"status\": \"affected\", \"version\": \"7.0.4\"}, {\"status\": \"affected\", \"version\": \"7.0.5\"}, {\"status\": \"affected\", \"version\": \"7.0.6\"}, {\"status\": \"affected\", \"version\": \"7.0.6.1\"}, {\"status\": \"affected\", \"version\": \"7.0.6.2\"}, {\"status\": \"affected\", \"version\": \"7.1.0\"}, {\"status\": \"affected\", \"version\": \"7.1.0.1\"}, {\"status\": \"affected\", \"version\": \"7.1.0.2\"}, {\"status\": \"affected\", \"version\": \"7.1.0.3\"}, {\"status\": \"affected\", \"version\": \"7.2.0\"}, {\"status\": \"affected\", \"version\": \"7.2.1\"}, {\"status\": \"affected\", \"version\": \"7.2.2\"}, {\"status\": \"affected\", \"version\": \"7.2.0.1\"}, {\"status\": \"affected\", \"version\": \"7.2.3\"}, {\"status\": \"affected\", \"version\": \"7.2.3.1\"}, {\"status\": \"affected\", \"version\": \"7.2.4\"}, {\"status\": \"affected\", \"version\": \"7.2.4.1\"}, {\"status\": \"affected\", \"version\": \"7.2.5\"}, {\"status\": \"affected\", \"version\": \"7.2.5.1\"}, {\"status\": \"affected\", \"version\": \"7.2.6\"}, {\"status\": \"affected\", \"version\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.2.5.2\"}, {\"status\": \"affected\", \"version\": \"7.2.8\"}, {\"status\": \"affected\", \"version\": \"7.2.8.1\"}, {\"status\": \"affected\", \"version\": \"7.3.0\"}, {\"status\": \"affected\", \"version\": \"7.3.1\"}, {\"status\": \"affected\", \"version\": \"7.3.1.1\"}, {\"status\": \"affected\", \"version\": \"7.3.1.2\"}, {\"status\": \"affected\", \"version\": \"7.4.0\"}, {\"status\": \"affected\", \"version\": \"7.4.1\"}, {\"status\": \"affected\", \"version\": \"7.4.1.1\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inj-LOYAFcfq\", \"name\": \"cisco-sa-fmc-sql-inj-LOYAFcfq\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\\r\\n\\r This vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-89\", \"description\": \"Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-10-23T17:47:42.116Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-20471\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-24T14:26:22.403Z\", \"dateReserved\": \"2023-11-08T15:08:07.681Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2024-10-23T17:47:42.116Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…