Lucene search
CiscoCISCO-SA-FMC-WEBREDIRECT-TCFGD42YHistoryMay 06, 2020 - 4:00 p.m.
Cisco Firepower Management Center Open Redirect Vulnerability
2020-05-0616:00:00
tools.cisco.com
10
0.001 Low
EPSS
Percentile
47.0%
A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
The vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a specific malicious web page.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-webredirect-TcFgd42y [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-webredirect-TcFgd42y”]
Affected configurations
Node
ciscofirepower_management_centerMatch5.4
ORciscofirepower_management_centerMatch6.0
ORciscofirepower_management_centerMatch5.3
ORciscofirepower_management_centerMatch6.1
ORciscofirepower_management_centerMatch5.2
ORciscofirepower_management_centerMatch4.10
ORciscofirepower_management_centerMatch2.9
ORciscofirepower_management_centerMatch6.2
ORciscofirepower_management_centerMatchany
ORciscofirepower_management_centerMatchany
ORciscofirepower_management_centerMatch5.4.1.3
ORciscofirepower_management_centerMatch5.4.1.5
ORciscofirepower_management_centerMatch5.4.1.4
ORciscofirepower_management_centerMatch5.4.1.2
ORciscofirepower_management_centerMatch5.4.1.1
ORciscofirepower_management_centerMatch5.4.1
ORciscofirepower_management_centerMatch5.4.0
ORciscofirepower_management_centerMatch5.4.0.2
ORciscofirepower_management_centerMatch5.4.1.6
ORciscofirepower_management_centerMatch5.4.1.9
ORciscofirepower_management_centerMatchany
ORciscofirepower_management_centerMatch6.0.0
ORciscofirepower_management_centerMatch6.0.1
ORciscofirepower_management_centerMatch6.0.0.1
ORciscofirepower_management_centerMatch6.0.0.0
ORciscofirepower_management_centerMatch6.0.1.1
ORciscofirepower_management_centerMatch6.0.1.3
ORciscofirepower_management_centerMatch6.0.1.2
ORciscofirepower_management_centerMatch6.0.1.4
ORciscofirepower_management_centerMatch5.3.0.2
ORciscofirepower_management_centerMatch5.3.1.6
ORciscofirepower_management_centerMatch5.3.1.5
ORciscofirepower_management_centerMatch5.3.1.4
ORciscofirepower_management_centerMatch5.3.1.3
ORciscofirepower_management_centerMatch5.3.0.3
ORciscofirepower_management_centerMatch5.3.0
ORciscofirepower_management_centerMatch5.3.1
ORciscofirepower_management_centerMatch5.3.0.4
ORciscofirepower_management_centerMatch5.3.1.7
ORciscofirepower_management_centerMatch6.1.0
ORciscofirepower_management_centerMatch6.1.0.2
ORciscofirepower_management_centerMatch6.1.0.1
ORciscofirepower_management_centerMatch6.1.0.3
ORciscofirepower_management_centerMatch6.1.0.4
ORciscofirepower_management_centerMatch6.1.0.5
ORciscofirepower_management_centerMatch6.1.0.6
ORciscofirepower_management_centerMatch6.1.0.7
ORciscofirepower_management_centerMatchany
ORciscofirepower_management_centerMatch5.2.0
ORciscofirepower_management_centerMatchany
ORciscofirepower_management_centerMatch4.10.3
ORciscofirepower_management_centerMatch4.10.3.9
ORciscofirepower_management_centerMatch2.9.0
ORciscofirepower_management_centerMatch2.9.7.10
ORciscofirepower_management_centerMatchany
ORciscofirepower_management_centerMatch6.2.0
ORciscofirepower_management_centerMatch6.2.1
ORciscofirepower_management_centerMatch6.2.2
ORciscofirepower_management_centerMatch6.2.0.2
ORciscofirepower_management_centerMatch6.2.0.1
ORciscofirepower_management_centerMatch6.2.0.3
ORciscofirepower_management_centerMatch6.2.0.4
ORciscofirepower_management_centerMatch6.2.0.5
ORciscofirepower_management_centerMatch6.2.0.6
ORciscofirepower_management_centerMatch6.2.0.7
ORciscofirepower_management_centerMatch6.2.2.1
ORciscofirepower_management_centerMatch6.2.2.2
ORciscofirepower_management_centerMatch6.2.2.3
ORciscofirepower_management_centerMatch6.2.2.4
ORciscofirepower_management_centerMatch6.2.3
ORciscofirepower_management_centerMatch6.2.3.1
ORciscofirepower_management_centerMatch6.2.3.2
ORciscofirepower_management_centerMatch6.2.3.3
ORciscofirepower_management_centerMatch6.2.3.4
ORciscofirepower_management_centerMatch6.2.3.5
ORciscofirepower_management_centerMatch6.2.3.6
ORciscofirepower_management_centerMatch6.2.3.7
ORciscofirepower_management_centerMatch6.2.3.9
ORciscofirepower_management_centerMatch6.2.3.10
ORciscofirepower_management_centerMatch6.2.3.11
ORciscofirepower_management_centerMatch6.2.3.12
ORciscofirepower_management_centerMatch6.2.3.13
ORciscofirepower_management_centerMatch6.2.3.14
ORciscofirepower_management_centerMatchany
Related
nessus
nessus
cve
cve
CVE-2020-3311
2020-05-06 17:15:13
nvd
nvd
CVE-2020-3311
2020-05-06 17:15:13
cvelist
cvelist
CVE-2020-3311 Cisco Firepower Management Center Open Redirect Vulnerability
2020-05-06 00:00:00
prion
prion
Input validation
2020-05-06 17:15:00