Lucene search

K
ciscoCiscoCISCO-SA-FMC-XSS-SFPECVGT
HistoryApr 27, 2022 - 4:00 p.m.

Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability

2022-04-2716:00:00
tools.cisco.com
85
cisco
firepower management center
cross-site scripting
vulnerability
web-based management
remote attacker
exploit
software updates

EPSS

0.001

Percentile

49.1%

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack.

This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-SfpEcvGT [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-SfpEcvGT”]

This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74836”].

Affected configurations

Vulners
Node
ciscofirepower_management_centerMatch6.2
OR
ciscofirepower_management_centerMatch6.2.3
OR
ciscofirepower_management_centerMatch6.2.3.1
OR
ciscofirepower_management_centerMatch6.2.3.2
OR
ciscofirepower_management_centerMatch6.2.3.3
OR
ciscofirepower_management_centerMatch6.2.3.4
OR
ciscofirepower_management_centerMatch6.2.3.5
OR
ciscofirepower_management_centerMatch6.2.3.6
OR
ciscofirepower_management_centerMatch6.2.3.7
OR
ciscofirepower_management_centerMatch6.2.3.9
OR
ciscofirepower_management_centerMatch6.2.3.10
OR
ciscofirepower_management_centerMatch6.2.3.11
OR
ciscofirepower_management_centerMatch6.2.3.12
OR
ciscofirepower_management_centerMatch6.2.3.13
OR
ciscofirepower_management_centerMatch6.2.3.14
OR
ciscofirepower_management_centerMatch6.2.3.15
OR
ciscofirepower_management_centerMatch6.2.3.8
OR
ciscofirepower_management_centerMatch6.2.3.16
OR
ciscofirepower_management_centerMatch6.2.3.17
OR
ciscofirepower_management_centerMatch6.2.3.18
OR
ciscofirepower_management_centerMatch6.4
OR
ciscofirepower_management_centerMatch6.4.0
OR
ciscofirepower_management_centerMatch6.4.0.1
OR
ciscofirepower_management_centerMatch6.4.0.3
OR
ciscofirepower_management_centerMatch6.4.0.2
OR
ciscofirepower_management_centerMatch6.4.0.4
OR
ciscofirepower_management_centerMatch6.4.0.5
OR
ciscofirepower_management_centerMatch6.4.0.6
OR
ciscofirepower_management_centerMatch6.4.0.7
OR
ciscofirepower_management_centerMatch6.4.0.8
OR
ciscofirepower_management_centerMatch6.4.0.9
OR
ciscofirepower_management_centerMatch6.4.0.10
OR
ciscofirepower_management_centerMatch6.4.0.11
OR
ciscofirepower_management_centerMatch6.4.0.12
OR
ciscofirepower_management_centerMatch6.4.0.13
OR
ciscofirepower_management_centerMatch6.4.0.14
OR
ciscofirepower_management_centerMatch6.6
OR
ciscofirepower_management_centerMatch6.6.0
OR
ciscofirepower_management_centerMatch6.6.0.1
OR
ciscofirepower_management_centerMatch6.6.1
OR
ciscofirepower_management_centerMatch6.6.3
OR
ciscofirepower_management_centerMatch6.6.4
OR
ciscofirepower_management_centerMatch6.6.5
OR
ciscofirepower_management_centerMatch6.6.5.1
OR
ciscofirepower_management_centerMatch6.7
OR
ciscofirepower_management_centerMatch6.7.0
OR
ciscofirepower_management_centerMatch6.7.0.1
OR
ciscofirepower_management_centerMatch6.7.0.2
OR
ciscofirepower_management_centerMatch6.7.0.3
OR
ciscofirepower_management_centerMatch7.0
OR
ciscofirepower_management_centerMatch7.0.0
OR
ciscofirepower_management_centerMatch7.0.0.1
OR
ciscofirepower_management_centerMatch7.0.1
OR
ciscofirepower_management_centerMatch7.0.1.1
OR
ciscofirepower_management_centerMatch7.1
OR
ciscofirepower_management_centerMatch7.1.0
OR
ciscofirepower_management_center
VendorProductVersionCPE
ciscofirepower_management_center6.2cpe:2.3:a:cisco:firepower_management_center:6.2:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3cpe:2.3:a:cisco:firepower_management_center:6.2.3:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3.1cpe:2.3:a:cisco:firepower_management_center:6.2.3.1:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3.2cpe:2.3:a:cisco:firepower_management_center:6.2.3.2:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3.3cpe:2.3:a:cisco:firepower_management_center:6.2.3.3:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3.4cpe:2.3:a:cisco:firepower_management_center:6.2.3.4:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3.5cpe:2.3:a:cisco:firepower_management_center:6.2.3.5:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3.6cpe:2.3:a:cisco:firepower_management_center:6.2.3.6:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3.7cpe:2.3:a:cisco:firepower_management_center:6.2.3.7:*:*:*:*:*:*:*
ciscofirepower_management_center6.2.3.9cpe:2.3:a:cisco:firepower_management_center:6.2.3.9:*:*:*:*:*:*:*
Rows per page:
1-10 of 571

EPSS

0.001

Percentile

49.1%

Related for CISCO-SA-FMC-XSS-SFPECVGT