Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2018-0365
HistoryJun 21, 2018 - 11:29 a.m.

CVE-2018-0365

2018-06-2111:29:01
CWE-352
[email protected]
web.nvd.nist.gov
24
cisco
firepower
management center
vulnerability
csrf attack
nvd
cve-2018-0365

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.3%

JSON

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions on the targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvb19750.

Affected configurations

NVD
Node
ciscofirepower_management_centerMatch6.0.1
OR
ciscofirepower_management_centerMatch6.1.0
OR
ciscofirepower_management_centerMatch6.2.0
OR
ciscofirepower_management_centerMatch6.2.1
OR
ciscofirepower_management_centerMatch6.2.2
OR
ciscofirepower_management_centerMatch6.2.3
Node
ciscofirepower_appliance_8360_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8360_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8360_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8360_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8360_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8360_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8360
Node
ciscofirepower_management_center_2500_firmwareMatch6.0.1
OR
ciscofirepower_management_center_2500_firmwareMatch6.1.0
OR
ciscofirepower_management_center_2500_firmwareMatch6.2.0
OR
ciscofirepower_management_center_2500_firmwareMatch6.2.1
OR
ciscofirepower_management_center_2500_firmwareMatch6.2.2
OR
ciscofirepower_management_center_2500_firmwareMatch6.2.3
AND
ciscofirepower_management_center_2500
Node
ciscofirepower_appliance_8120_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8120_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8120_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8120_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8120_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8120_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8120
Node
ciscofirepower_appliance_8260_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8260_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8260_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8260_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8260_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8260_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8260
Node
ciscofirepower_appliance_7050_firmwareMatch6.0.1
OR
ciscofirepower_appliance_7050_firmwareMatch6.1.0
OR
ciscofirepower_appliance_7050_firmwareMatch6.2.0
OR
ciscofirepower_appliance_7050_firmwareMatch6.2.1
OR
ciscofirepower_appliance_7050_firmwareMatch6.2.2
OR
ciscofirepower_appliance_7050_firmwareMatch6.2.3
AND
ciscofirepower_appliance_7050
Node
ciscofirepower_appliance_8130_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8130_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8130_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8130_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8130_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8130_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8130
Node
ciscofirepower_appliance_8140_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8140_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8140_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8140_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8140_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8140_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8140
Node
ciscofirepower_appliance_8350_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8350_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8350_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8350_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8350_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8350_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8350
Node
ciscoamp_8150_firmwareMatch6.0.1
OR
ciscoamp_8150_firmwareMatch6.1.0
OR
ciscoamp_8150_firmwareMatch6.2.0
OR
ciscoamp_8150_firmwareMatch6.2.1
OR
ciscoamp_8150_firmwareMatch6.2.2
OR
ciscoamp_8150_firmwareMatch6.2.3
AND
ciscoamp_8150
Node
ciscoamp_7150_firmwareMatch6.0.1
OR
ciscoamp_7150_firmwareMatch6.1.0
OR
ciscoamp_7150_firmwareMatch6.2.0
OR
ciscoamp_7150_firmwareMatch6.2.1
OR
ciscoamp_7150_firmwareMatch6.2.2
OR
ciscoamp_7150_firmwareMatch6.2.3
AND
ciscoamp_7150
Node
ciscofirepower_appliance_8270_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8270_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8270_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8270_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8270_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8270_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8270
Node
ciscongips_virtual_applianceMatch6.0.1
OR
ciscongips_virtual_applianceMatch6.1.0
OR
ciscongips_virtual_applianceMatch6.2.0
OR
ciscongips_virtual_applianceMatch6.2.1
OR
ciscongips_virtual_applianceMatch6.2.2
OR
ciscongips_virtual_applianceMatch6.2.3
Node
ciscofirepower_appliance_8390_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8390_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8390_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8390_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8390_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8390_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8390
Node
ciscofirepower_management_center_4500_firmwareMatch6.0.1
OR
ciscofirepower_management_center_4500_firmwareMatch6.1.0
OR
ciscofirepower_management_center_4500_firmwareMatch6.2.0
OR
ciscofirepower_management_center_4500_firmwareMatch6.2.1
OR
ciscofirepower_management_center_4500_firmwareMatch6.2.2
OR
ciscofirepower_management_center_4500_firmwareMatch6.2.3
AND
ciscofirepower_management_center_4500
Node
ciscofirepower_appliance_8250_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8250_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8250_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8250_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8250_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8250_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8250
Node
ciscofiresight_management_center_750_firmwareMatch6.0.1
OR
ciscofiresight_management_center_750_firmwareMatch6.1.0
OR
ciscofiresight_management_center_750_firmwareMatch6.2.0
OR
ciscofiresight_management_center_750_firmwareMatch6.2.1
OR
ciscofiresight_management_center_750_firmwareMatch6.2.2
OR
ciscofiresight_management_center_750_firmwareMatch6.2.3
AND
ciscofiresight_management_center_750
Node
ciscofirepower_appliance_8370_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8370_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8370_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8370_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8370_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8370_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8370
Node
ciscofirepower_appliance_7120_firmwareMatch6.0.1
OR
ciscofirepower_appliance_7120_firmwareMatch6.1.0
OR
ciscofirepower_appliance_7120_firmwareMatch6.2.0
OR
ciscofirepower_appliance_7120_firmwareMatch6.2.1
OR
ciscofirepower_appliance_7120_firmwareMatch6.2.2
OR
ciscofirepower_appliance_7120_firmwareMatch6.2.3
AND
ciscofirepower_appliance_7120
Node
ciscofirepower_appliance_7010_firmwareMatch6.0.1
OR
ciscofirepower_appliance_7010_firmwareMatch6.1.0
OR
ciscofirepower_appliance_7010_firmwareMatch6.2.0
OR
ciscofirepower_appliance_7010_firmwareMatch6.2.1
OR
ciscofirepower_appliance_7010_firmwareMatch6.2.2
OR
ciscofirepower_appliance_7010_firmwareMatch6.2.3
AND
ciscofirepower_appliance_7010
Node
ciscofirepower_management_center_4000_firmwareMatch6.0.1
OR
ciscofirepower_management_center_4000_firmwareMatch6.1.0
OR
ciscofirepower_management_center_4000_firmwareMatch6.2.0
OR
ciscofirepower_management_center_4000_firmwareMatch6.2.1
OR
ciscofirepower_management_center_4000_firmwareMatch6.2.2
OR
ciscofirepower_management_center_4000_firmwareMatch6.2.3
AND
ciscofirepower_management_center_4000
Node
ciscofirepower_appliance_8290_firmwareMatch6.0.1
OR
ciscofirepower_appliance_8290_firmwareMatch6.1.0
OR
ciscofirepower_appliance_8290_firmwareMatch6.2.0
OR
ciscofirepower_appliance_8290_firmwareMatch6.2.1
OR
ciscofirepower_appliance_8290_firmwareMatch6.2.2
OR
ciscofirepower_appliance_8290_firmwareMatch6.2.3
AND
ciscofirepower_appliance_8290
Node
ciscofiresight_management_center_1500_firmwareMatch6.0.1
OR
ciscofiresight_management_center_1500_firmwareMatch6.1.0
OR
ciscofiresight_management_center_1500_firmwareMatch6.2.0
OR
ciscofiresight_management_center_1500_firmwareMatch6.2.1
OR
ciscofiresight_management_center_1500_firmwareMatch6.2.2
OR
ciscofiresight_management_center_1500_firmwareMatch6.2.3
AND
ciscofiresight_management_center_1500
Node
ciscofirepower_management_center_1000_firmwareMatch6.0.1
OR
ciscofirepower_management_center_1000_firmwareMatch6.1.0
OR
ciscofirepower_management_center_1000_firmwareMatch6.2.0
OR
ciscofirepower_management_center_1000_firmwareMatch6.2.1
OR
ciscofirepower_management_center_1000_firmwareMatch6.2.2
OR
ciscofirepower_management_center_1000_firmwareMatch6.2.3
AND
ciscofirepower_management_center_1000
Node
ciscofiresight_management_center_3500_firmwareMatch6.0.1
OR
ciscofiresight_management_center_3500_firmwareMatch6.1.0
OR
ciscofiresight_management_center_3500_firmwareMatch6.2.0
OR
ciscofiresight_management_center_3500_firmwareMatch6.2.1
OR
ciscofiresight_management_center_3500_firmwareMatch6.2.2
OR
ciscofiresight_management_center_3500_firmwareMatch6.2.3
AND
ciscofiresight_management_center_3500
Node
ciscofirepower_appliance_7125_firmwareMatch6.0.1
OR
ciscofirepower_appliance_7125_firmwareMatch6.1.0
OR
ciscofirepower_appliance_7125_firmwareMatch6.2.0
OR
ciscofirepower_appliance_7125_firmwareMatch6.2.1
OR
ciscofirepower_appliance_7125_firmwareMatch6.2.2
OR
ciscofirepower_appliance_7125_firmwareMatch6.2.3
AND
ciscofirepower_appliance_7125
Node
ciscofirepower_appliance_7020_firmwareMatch6.0.1
OR
ciscofirepower_appliance_7020_firmwareMatch6.1.0
OR
ciscofirepower_appliance_7020_firmwareMatch6.2.0
OR
ciscofirepower_appliance_7020_firmwareMatch6.2.1
OR
ciscofirepower_appliance_7020_firmwareMatch6.2.2
OR
ciscofirepower_appliance_7020_firmwareMatch6.2.3
AND
ciscofirepower_appliance_7020
Node
ciscofirepower_appliance_7030_firmwareMatch6.0.1
OR
ciscofirepower_appliance_7030_firmwareMatch6.1.0
OR
ciscofirepower_appliance_7030_firmwareMatch6.2.0
OR
ciscofirepower_appliance_7030_firmwareMatch6.2.1
OR
ciscofirepower_appliance_7030_firmwareMatch6.2.2
OR
ciscofirepower_appliance_7030_firmwareMatch6.2.3
AND
ciscofirepower_appliance_7030
Node
ciscofirepower_appliance_7110_firmwareMatch6.0.1
OR
ciscofirepower_appliance_7110_firmwareMatch6.1.0
OR
ciscofirepower_appliance_7110_firmwareMatch6.2.0
OR
ciscofirepower_appliance_7110_firmwareMatch6.2.1
OR
ciscofirepower_appliance_7110_firmwareMatch6.2.2
OR
ciscofirepower_appliance_7110_firmwareMatch6.2.3
AND
ciscofirepower_appliance_7110
Node
ciscofirepower_management_center_2000_firmwareMatch6.0.1
OR
ciscofirepower_management_center_2000_firmwareMatch6.1.0
OR
ciscofirepower_management_center_2000_firmwareMatch6.2.0
OR
ciscofirepower_management_center_2000_firmwareMatch6.2.1
OR
ciscofirepower_management_center_2000_firmwareMatch6.2.2
OR
ciscofirepower_management_center_2000_firmwareMatch6.2.3
AND
ciscofirepower_management_center_2000
Node
ciscofirepower_management_center_virtual_applianceMatch6.0.1
OR
ciscofirepower_management_center_virtual_applianceMatch6.1.0
OR
ciscofirepower_management_center_virtual_applianceMatch6.2.0
OR
ciscofirepower_management_center_virtual_applianceMatch6.2.1
OR
ciscofirepower_management_center_virtual_applianceMatch6.2.2
OR
ciscofirepower_management_center_virtual_applianceMatch6.2.3
Node
ciscofirepower_appliance_7115_firmwareMatch6.0.1
OR
ciscofirepower_appliance_7115_firmwareMatch6.1.0
OR
ciscofirepower_appliance_7115_firmwareMatch6.2.0
OR
ciscofirepower_appliance_7115_firmwareMatch6.2.1
OR
ciscofirepower_appliance_7115_firmwareMatch6.2.2
OR
ciscofirepower_appliance_7115_firmwareMatch6.2.3
AND
ciscofirepower_appliance_7115

CNA Affected

[
  {
    "product": "Cisco Firepower Management Center unknown",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco Firepower Management Center unknown"
      }
    ]
  }
]

Related

prion 1
cvelist 1
cisco 1
nvd 1
prion
prion
Cross site request forgery (csrf)
2018-06-21 11:29:00
cvelist
cvelist
CVE-2018-0365
2018-06-21 11:00:00
cisco
cisco
Cisco Firepower Management Center Cross-Site Request Forgery Vulnerability
2018-06-20 16:00:00
nvd
nvd
CVE-2018-0365
2018-06-21 11:29:01

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.3%

JSON
Related for CVE-2018-0365
prion1cvelist1cisco1nvd1