gsd-2023-20155
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Administrator privileges, to view a system log file that they would not normally have access to. This vulnerability is due to a lack of rate-limiting of requests that are sent to a specific API that is related to an FMC log. An attacker could exploit this vulnerability by sending a high rate of HTTP requests to the API. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the FMC CPU spiking to 100 percent utilization or to the device reloading. CPU utilization would return to normal if the attack traffic was stopped before an unexpected reload was triggered.
Aliases
Aliases
{ GSD: { alias: "CVE-2023-20155", id: "GSD-2023-20155", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-20155", ], details: "A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Administrator privileges, to view a system log file that they would not normally have access to. This vulnerability is due to a lack of rate-limiting of requests that are sent to a specific API that is related to an FMC log. An attacker could exploit this vulnerability by sending a high rate of HTTP requests to the API. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the FMC CPU spiking to 100 percent utilization or to the device reloading. CPU utilization would return to normal if the attack traffic was stopped before an unexpected reload was triggered.", id: "GSD-2023-20155", modified: "2023-12-13T01:20:28.566172Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2023-20155", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Management Center", version: { version_data: [ { version_affected: "=", version_value: "6.2.3", }, { version_affected: "=", version_value: "6.2.3.1", }, { version_affected: "=", version_value: "6.2.3.2", }, { version_affected: "=", version_value: "6.2.3.3", }, { version_affected: "=", version_value: "6.2.3.4", }, { version_affected: "=", version_value: "6.2.3.5", }, { version_affected: "=", version_value: "6.2.3.6", }, { version_affected: "=", version_value: "6.2.3.7", }, { version_affected: "=", version_value: "6.2.3.9", }, { version_affected: "=", version_value: "6.2.3.10", }, { version_affected: "=", version_value: "6.2.3.11", }, { version_affected: "=", version_value: "6.2.3.12", }, { version_affected: "=", version_value: "6.2.3.13", }, { version_affected: "=", version_value: "6.2.3.14", }, { version_affected: "=", version_value: "6.2.3.15", }, { version_affected: "=", version_value: "6.2.3.8", }, { version_affected: "=", version_value: "6.2.3.16", }, { version_affected: "=", version_value: "6.2.3.17", }, { version_affected: "=", version_value: "6.2.3.18", }, { version_affected: "=", version_value: "6.4.0", }, { version_affected: "=", version_value: "6.4.0.1", }, { version_affected: "=", version_value: "6.4.0.3", }, { version_affected: "=", version_value: "6.4.0.2", }, { version_affected: "=", version_value: "6.4.0.4", }, { version_affected: "=", version_value: "6.4.0.5", }, { version_affected: "=", version_value: "6.4.0.6", }, { version_affected: "=", version_value: "6.4.0.7", }, { version_affected: "=", version_value: "6.4.0.8", }, { version_affected: "=", version_value: "6.4.0.9", }, { version_affected: "=", version_value: "6.4.0.10", }, { version_affected: "=", version_value: "6.4.0.11", }, { version_affected: "=", version_value: "6.4.0.12", }, { version_affected: "=", version_value: "6.4.0.13", }, { version_affected: "=", version_value: "6.4.0.14", }, { version_affected: "=", version_value: "6.4.0.15", }, { version_affected: "=", version_value: "6.4.0.16", }, { version_affected: "=", version_value: "6.6.0", }, { version_affected: "=", version_value: "6.6.0.1", }, { version_affected: "=", version_value: "6.6.1", }, { version_affected: "=", version_value: "6.6.3", }, { version_affected: "=", version_value: "6.6.4", }, { version_affected: "=", version_value: "6.6.5", }, { version_affected: "=", version_value: "6.6.5.1", }, { version_affected: "=", version_value: "6.6.5.2", }, { version_affected: "=", version_value: "6.6.7", }, { version_affected: "=", version_value: "6.6.7.1", }, { version_affected: "=", version_value: "6.7.0", }, { version_affected: "=", version_value: "6.7.0.1", }, { version_affected: "=", version_value: "6.7.0.2", }, { version_affected: "=", version_value: "6.7.0.3", }, { version_affected: "=", version_value: "7.0.0", }, { version_affected: "=", version_value: "7.0.0.1", }, { version_affected: "=", version_value: "7.0.1", }, { version_affected: "=", version_value: "7.0.1.1", }, { version_affected: "=", version_value: "7.0.2", }, { version_affected: "=", version_value: "7.0.2.1", }, { version_affected: "=", version_value: "7.0.3", }, { version_affected: "=", version_value: "7.0.4", }, { version_affected: "=", version_value: "7.0.5", }, { version_affected: "=", version_value: "7.1.0", }, { version_affected: "=", version_value: "7.1.0.1", }, { version_affected: "=", version_value: "7.1.0.2", }, { version_affected: "=", version_value: "7.1.0.3", }, { version_affected: "=", version_value: "7.2.0", }, { version_affected: "=", version_value: "7.2.1", }, { version_affected: "=", version_value: "7.2.2", }, { version_affected: "=", version_value: "7.2.0.1", }, { version_affected: "=", version_value: "7.2.3", }, { version_affected: "=", version_value: "7.2.3.1", }, { version_affected: "=", version_value: "7.3.0", }, { version_affected: "=", version_value: "7.3.1", }, { version_affected: "=", version_value: "7.3.1.1", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Administrator privileges, to view a system log file that they would not normally have access to. This vulnerability is due to a lack of rate-limiting of requests that are sent to a specific API that is related to an FMC log. An attacker could exploit this vulnerability by sending a high rate of HTTP requests to the API. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the FMC CPU spiking to 100 percent utilization or to the device reloading. CPU utilization would return to normal if the attack traffic was stopped before an unexpected reload was triggered.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-770", lang: "eng", value: "Allocation of Resources Without Limits or Throttling", }, ], }, ], }, references: { reference_data: [ { name: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-logview-dos-AYJdeX55", refsource: "MISC", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-logview-dos-AYJdeX55", }, ], }, source: { advisory: "cisco-sa-fmc-logview-dos-AYJdeX55", defects: [ "CSCwe51893", ], discovery: "INTERNAL", }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "B6BF3D02-3BA0-4736-B78D-3634E3E91623", versionEndIncluding: "6.2.3.18", versionStartIncluding: "6.2.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "6FBA1598-02FE-4855-8449-E2FF06EF8276", versionEndIncluding: "6.4.0.16", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "AF3259C7-8F36-46B1-A1BA-C2F9AC165A2D", versionEndIncluding: "6.6.7.1", versionStartIncluding: "6.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "0BE29E8B-5D64-4CF6-B8CB-A38E991A9BB9", versionEndIncluding: "7.0.5", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "749D90E8-9009-4F05-8C5E-2521A9BC7D32", versionEndIncluding: "7.1.0.3", versionStartIncluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "D44E33FB-20A2-448B-A901-3BD383E45F2B", versionEndIncluding: "7.2.3.1", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", matchCriteriaId: "E355BD8E-18E7-4405-8F32-0A191DCE0774", versionEndIncluding: "7.3.1.1", versionStartIncluding: "7.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Administrator privileges, to view a system log file that they would not normally have access to. This vulnerability is due to a lack of rate-limiting of requests that are sent to a specific API that is related to an FMC log. An attacker could exploit this vulnerability by sending a high rate of HTTP requests to the API. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the FMC CPU spiking to 100 percent utilization or to the device reloading. CPU utilization would return to normal if the attack traffic was stopped before an unexpected reload was triggered.", }, { lang: "es", value: "Una vulnerabilidad en una API de registro en el software Cisco Firepower Management Center (FMC) podrĂa permitir que un atacante remoto no autenticado haga que el dispositivo deje de responder o desencadene una recarga inesperada. Esta vulnerabilidad tambiĂ©n podrĂa permitir que un atacante con credenciales de usuario válidas, pero sin privilegios de administrador, vea un archivo de registro del sistema al que normalmente no tendrĂa acceso. Esta vulnerabilidad se debe a la falta de limitaciĂłn de la velocidad de las solicitudes que se envĂan a una API especĂfica relacionada con un registro FMC. Un atacante podrĂa aprovechar esta vulnerabilidad enviando una alta tasa de solicitudes HTTP a la API. Un exploit exitoso podrĂa permitir al atacante causar una condiciĂłn de DenegaciĂłn de Servicio (DoS) debido a que la CPU del FMC alcanza el 100 por ciento de utilizaciĂłn o a que el dispositivo se recarga. La utilizaciĂłn de la CPU volverĂa a la normalidad si el tráfico de ataque se detuviera antes de que se desencadenara una recarga inesperada.", }, ], id: "CVE-2023-20155", lastModified: "2024-01-25T17:15:31.683", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "ykramarz@cisco.com", type: "Secondary", }, ], }, published: "2023-11-01T17:15:11.217", references: [ { source: "ykramarz@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-logview-dos-AYJdeX55", }, ], sourceIdentifier: "ykramarz@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "ykramarz@cisco.com", type: "Secondary", }, ], }, }, }, }
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.