Cisco CISCO-SA-FMC-OBJECT-BYPASS-FTH8TDJQ
May 22, 2024 - 4:00 p.m.

Cisco Firepower Management Center Software Object Group Access Control List Bypass Vulnerability

2024-05-22 16:00:00
tools.cisco.com
cisco
firepower
management center
object groups
access control lists
acls
vulnerability
unauthenticated
remote attacker
bypass
access controls
cisco firepower threat defense
fmc software
ftd software
high-availability
device reboot
software updates
cisco security advisory

AI Score: 7.3 High (Confidence: Low)

EPSS: 0.0004 Low (Percentile: 9.0%)

A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software.

This vulnerability is due to the incorrect deployment of the Object Groups for ACLs feature from Cisco FMC Software to managed FTD devices in high-availability setups. After an affected device is rebooted following Object Groups for ACLs deployment, an attacker can exploit this vulnerability by sending traffic through the affected device. A successful exploit could allow the attacker to bypass configured access controls and successfully send traffic to devices that are expected to be protected by the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-object-bypass-fTH8tDjq

This advisory is part of the May 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75298).

Affected configurations

Node
cisco firepower_management_center Match 7.1
OR
cisco firepower_management_center Match 7.2
OR
cisco firepower_management_center Match 7.3
OR
cisco firepower_management_center Match any
OR
cisco firepower_threat_defense_software Match any
OR
cisco firepower_management_center Match 7.1.0
OR
cisco firepower_management_center Match 7.1.0.1
OR
cisco firepower_management_center Match 7.1.0.2
OR
cisco firepower_management_center Match 7.1.0.3
OR
cisco firepower_management_center Match 7.2.0
OR
cisco firepower_management_center Match 7.2.1
OR
cisco firepower_management_center Match 7.2.2
OR
cisco firepower_management_center Match 7.2.0.1
OR
cisco firepower_management_center Match 7.2.3
OR
cisco firepower_management_center Match 7.2.3.1
OR
cisco firepower_management_center Match 7.3.0
OR
cisco firepower_management_center Match 7.3.1
OR
cisco firepower_management_center Match any
OR
cisco firepower_threat_defense_software Match any
OR
cisco firepower_management_center Match 7.1.0 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.1.0.1 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.1.0.2 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.1.0.3 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.2.0 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.2.1 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.2.2 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.2.0.1 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.2.3 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.2.3.1 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.3.0 when installed on Cisco Firepower Management Center Appliances
OR
cisco firepower_management_center Match 7.3.1 when installed on Cisco Firepower Management Center Appliances
