CVE-2024-20388
Vulnerability from cvelistv5
Published
2024-10-23 17:35
Modified
2024-10-24 16:24
Severity ?
EPSS score ?
Summary
A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.
This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Firepower Management Center |
Version: 6.2.3 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.2.3.3 Version: 6.2.3.4 Version: 6.2.3.5 Version: 6.2.3.6 Version: 6.2.3.7 Version: 6.2.3.9 Version: 6.2.3.10 Version: 6.2.3.11 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.2.3.14 Version: 6.2.3.15 Version: 6.2.3.8 Version: 6.2.3.16 Version: 6.2.3.17 Version: 6.2.3.18 Version: 6.4.0 Version: 6.4.0.1 Version: 6.4.0.3 Version: 6.4.0.2 Version: 6.4.0.4 Version: 6.4.0.5 Version: 6.4.0.6 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.4.0.9 Version: 6.4.0.10 Version: 6.4.0.11 Version: 6.4.0.12 Version: 6.4.0.13 Version: 6.4.0.14 Version: 6.4.0.15 Version: 6.4.0.16 Version: 6.4.0.17 Version: 6.4.0.18 Version: 6.6.0 Version: 6.6.0.1 Version: 6.6.1 Version: 6.6.3 Version: 6.6.4 Version: 6.6.5 Version: 6.6.5.1 Version: 6.6.5.2 Version: 6.6.7 Version: 6.6.7.1 Version: 6.6.7.2 Version: 6.7.0 Version: 6.7.0.1 Version: 6.7.0.2 Version: 6.7.0.3 Version: 7.0.0 Version: 7.0.0.1 Version: 7.0.1 Version: 7.0.1.1 Version: 7.0.2 Version: 7.0.2.1 Version: 7.0.3 Version: 7.0.4 Version: 7.0.5 Version: 7.0.6 Version: 7.0.6.1 Version: 7.0.6.2 Version: 7.1.0 Version: 7.1.0.1 Version: 7.1.0.2 Version: 7.1.0.3 Version: 7.2.0 Version: 7.2.1 Version: 7.2.2 Version: 7.2.0.1 Version: 7.2.3 Version: 7.2.3.1 Version: 7.2.4 Version: 7.2.4.1 Version: 7.2.5 Version: 7.2.5.1 Version: 7.2.6 Version: 7.2.7 Version: 7.2.5.2 Version: 7.2.8 Version: 7.2.8.1 Version: 7.3.0 Version: 7.3.1 Version: 7.3.1.1 Version: 7.3.1.2 Version: 7.4.0 Version: 7.4.1 Version: 7.4.1.1 |
||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firepower_management_center", "vendor": "cisco", "versions": [ { "lessThanOrEqual": "6.2.3.18", "status": "affected", "version": "6.2.3", "versionType": "custom" }, { "lessThanOrEqual": "6.4.0.18", "status": "affected", "version": "6.4.0", "versionType": "custom" }, { "lessThanOrEqual": "6.6.7.2", "status": "affected", "version": "6.6.0", "versionType": "custom" }, { "lessThanOrEqual": "6.7.0.3", "status": "affected", "version": "6.7.0", "versionType": "custom" }, { "lessThanOrEqual": "7.0.6.2", "status": "affected", "version": "7.0.0", "versionType": "custom" }, { "lessThanOrEqual": "7.1.0.3", "status": "affected", "version": "7.1.0", "versionType": "custom" }, { "lessThanOrEqual": "7.2.8.1", "status": "affected", "version": "7.2.0", "versionType": "custom" }, { "lessThanOrEqual": "7.3.1.2", "status": "affected", "version": "7.3.0", "versionType": "custom" }, { "lessThanOrEqual": "7.4.1.1", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firepower_threat_defense_software", "vendor": "cisco", "versions": [ { "lessThanOrEqual": "6.4.0.18", "status": "affected", "version": "6.4.0.4", "versionType": "custom" }, { "lessThanOrEqual": "6.6.7", "status": "affected", "version": "6.6.5.1", "versionType": "custom" }, { "status": "affected", "version": "6.7.0.2" }, { "lessThanOrEqual": "7.1.0.3", "status": "affected", "version": "7.1.0.1", "versionType": "custom" }, { "status": "affected", "version": "7.2.2" }, { "status": "affected", "version": "7.4.1" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20388", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-23T18:45:56.491861Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-24T16:24:24.678Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Firepower Management Center", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "6.2.3" }, { "status": "affected", "version": "6.2.3.1" }, { "status": "affected", "version": "6.2.3.2" }, { "status": "affected", "version": "6.2.3.3" }, { "status": "affected", "version": "6.2.3.4" }, { "status": "affected", "version": "6.2.3.5" }, { "status": "affected", "version": "6.2.3.6" }, { "status": "affected", "version": "6.2.3.7" }, { "status": "affected", "version": "6.2.3.9" }, { "status": "affected", "version": "6.2.3.10" }, { "status": "affected", "version": "6.2.3.11" }, { "status": "affected", "version": "6.2.3.12" }, { "status": "affected", "version": "6.2.3.13" }, { "status": "affected", "version": "6.2.3.14" }, { "status": "affected", "version": "6.2.3.15" }, { "status": "affected", "version": "6.2.3.8" }, { "status": "affected", "version": "6.2.3.16" }, { "status": "affected", "version": "6.2.3.17" }, { "status": "affected", "version": "6.2.3.18" }, { "status": "affected", "version": "6.4.0" }, { "status": "affected", "version": "6.4.0.1" }, { "status": "affected", "version": "6.4.0.3" }, { "status": "affected", "version": "6.4.0.2" }, { "status": "affected", "version": "6.4.0.4" }, { "status": "affected", "version": "6.4.0.5" }, { "status": "affected", "version": "6.4.0.6" }, { "status": "affected", "version": "6.4.0.7" }, { "status": "affected", "version": "6.4.0.8" }, { "status": "affected", "version": "6.4.0.9" }, { "status": "affected", "version": "6.4.0.10" }, { "status": "affected", "version": "6.4.0.11" }, { "status": "affected", "version": "6.4.0.12" }, { "status": "affected", "version": "6.4.0.13" }, { "status": "affected", "version": "6.4.0.14" }, { "status": "affected", "version": "6.4.0.15" }, { "status": "affected", "version": "6.4.0.16" }, { "status": "affected", "version": "6.4.0.17" }, { "status": "affected", "version": "6.4.0.18" }, { "status": "affected", "version": "6.6.0" }, { "status": "affected", "version": "6.6.0.1" }, { "status": "affected", "version": "6.6.1" }, { "status": "affected", "version": "6.6.3" }, { "status": "affected", "version": "6.6.4" }, { "status": "affected", "version": "6.6.5" }, { "status": "affected", "version": "6.6.5.1" }, { "status": "affected", "version": "6.6.5.2" }, { "status": "affected", "version": "6.6.7" }, { "status": "affected", "version": "6.6.7.1" }, { "status": "affected", "version": "6.6.7.2" }, { "status": "affected", "version": "6.7.0" }, { "status": "affected", "version": "6.7.0.1" }, { "status": "affected", "version": "6.7.0.2" }, { "status": "affected", "version": "6.7.0.3" }, { "status": "affected", "version": "7.0.0" }, { "status": "affected", "version": "7.0.0.1" }, { "status": "affected", "version": "7.0.1" }, { "status": "affected", "version": "7.0.1.1" }, { "status": "affected", "version": "7.0.2" }, { "status": "affected", "version": "7.0.2.1" }, { "status": "affected", "version": "7.0.3" }, { "status": "affected", "version": "7.0.4" }, { "status": "affected", "version": "7.0.5" }, { "status": "affected", "version": "7.0.6" }, { "status": "affected", "version": "7.0.6.1" }, { "status": "affected", "version": "7.0.6.2" }, { "status": "affected", "version": "7.1.0" }, { "status": "affected", "version": "7.1.0.1" }, { "status": "affected", "version": "7.1.0.2" }, { "status": "affected", "version": "7.1.0.3" }, { "status": "affected", "version": "7.2.0" }, { "status": "affected", "version": "7.2.1" }, { "status": "affected", "version": "7.2.2" }, { "status": "affected", "version": "7.2.0.1" }, { "status": "affected", "version": "7.2.3" }, { "status": "affected", "version": "7.2.3.1" }, { "status": "affected", "version": "7.2.4" }, { "status": "affected", "version": "7.2.4.1" }, { "status": "affected", "version": "7.2.5" }, { "status": "affected", "version": "7.2.5.1" }, { "status": "affected", "version": "7.2.6" }, { "status": "affected", "version": "7.2.7" }, { "status": "affected", "version": "7.2.5.2" }, { "status": "affected", "version": "7.2.8" }, { "status": "affected", "version": "7.2.8.1" }, { "status": "affected", "version": "7.3.0" }, { "status": "affected", "version": "7.3.1" }, { "status": "affected", "version": "7.3.1.1" }, { "status": "affected", "version": "7.3.1.2" }, { "status": "affected", "version": "7.4.0" }, { "status": "affected", "version": "7.4.1" }, { "status": "affected", "version": "7.4.1.1" } ] }, { "product": "Cisco Firepower Threat Defense Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "6.6.5.1" }, { "status": "affected", "version": "6.6.7" }, { "status": "affected", "version": "6.4.0.4" }, { "status": "affected", "version": "6.4.0.10" }, { "status": "affected", "version": "6.4.0.12" }, { "status": "affected", "version": "6.4.0.14" }, { "status": "affected", "version": "6.4.0.16" }, { "status": "affected", "version": "6.4.0.18" }, { "status": "affected", "version": "6.7.0.2" }, { "status": "affected", "version": "7.1.0.1" }, { "status": "affected", "version": "7.1.0.3" }, { "status": "affected", "version": "7.2.2" }, { "status": "affected", "version": "7.4.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.\r\n\r This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-202", "description": "Exposure of Sensitive Information Through Data Queries", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-23T17:35:24.772Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-fmc-xss-infodisc-RL4mJFer", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer" } ], "source": { "advisory": "cisco-sa-fmc-xss-infodisc-RL4mJFer", "defects": [ "CSCwj03056" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20388", "datePublished": "2024-10-23T17:35:24.772Z", "dateReserved": "2023-11-08T15:08:07.658Z", "dateUpdated": "2024-10-24T16:24:24.678Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-20388\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2024-10-23T18:15:07.697\",\"lastModified\":\"2024-11-26T16:09:02.407\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.\\r\\n\\r This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funci\u00f3n de cambio de contrase\u00f1a del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado determine nombres de usuario v\u00e1lidos en un dispositivo afectado. Esta vulnerabilidad se debe a una autenticaci\u00f3n incorrecta de las respuestas de actualizaci\u00f3n de contrase\u00f1a. Un atacante podr\u00eda aprovechar esta vulnerabilidad al forzar el restablecimiento de contrase\u00f1a en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante determinar nombres de usuario v\u00e1lidos en la respuesta no autenticada a un restablecimiento forzado de contrase\u00f1a.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-202\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:6.4.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A95D8B6-2D90-4EA8-B468-356EB396A273\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:6.4.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CDEF2CC-D485-4E66-9818-7C9740F37840\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:6.6.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D748B16-1C2A-4E00-807F-647569C271D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62950A6C-8467-4215-BCD1-010B8C491714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.0.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D97494F-BA89-4E95-A01F-C2CE02505A27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BB537CA-0E37-471E-8DD3-7710A443224A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9022BCA-EDBF-4FD1-B427-573CA07E5134\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23BA0BE4-B06D-45AE-9C9D-280F1BFA7EDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B79ABCC-C95B-45AB-BE9D-454BD8174651\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4FD7D25-704B-47EB-AF36-DC684AD07807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.2.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D33E431-39F5-4F73-99A1-19A05A594C90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"579DC0CE-1CEA-449F-BF76-AD7087573ACD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB3E28C0-675B-4C30-B248-BE1EB5E961C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_management_center:7.4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C7E7A89-A9CA-45DA-8378-A50B1F9D260E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6175407A-207E-4844-B150-EA0129C4CBBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45B6E615-F42A-468F-8E40-AD28994B4B1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4B08264-DA65-4BFF-A973-FF733C7325B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE2A5330-8180-48CE-B22A-1CF24B7B1631\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACC1D72F-9542-4A62-AA90-C0E6B2095068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4F3A97A-3359-40C7-95B0-2AB41C067141\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B68BA14B-1752-4F05-9331-D556247462C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DE72ABB-B573-43CC-A2AC-D81807970BD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"535E8ECF-5CE5-4E78-A9EF-6167F4C59C45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AE3F1C4-8C7A-48AA-83E5-6F832FA94DD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C40B7DC8-220C-4C34-A370-F1EB4B3F9EF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB186DC-6C03-4868-8218-06BEFC0CE400\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29670B8-F2D3-46D7-8F34-F44B320DD6FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F04DDF5-2058-4208-A608-3673872450EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9A483AC-A8CF-439C-9009-4DFAB0484BCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94E7D836-46E5-4CD5-8BDC-4697D915FE05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06220CB8-7F16-4D3C-A835-558D5F4D97ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82917F5C-CF20-4D97-A981-FE3F8476CCFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47E42025-1D1E-4390-AC21-9A1B0FBE8D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52651664-CA65-4812-8226-E104E1BE7864\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64E0FDB2-D5A4-4749-A182-B0B145DC00D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23B58490-C403-44D5-BDB9-88FAD19ABC2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE33A280-84E4-4B5B-AB31-7A78754413F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3F9410-02E1-4FE9-9A4B-E504515F4615\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AAAF924-1ADE-4267-9957-DF060D1D3538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D02863A-1355-4FFE-A6BD-C912697774A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"704E4D3D-D1D2-48D8-A68C-227CC92A1C1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80A3D0F1-DA29-4A66-A698-082DB0CFA4B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B9B536-ADF9-4CE1-86EC-07BCDD65FB92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1755E718-C726-442B-B203-E9536C546DF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB80FC39-0FCE-49F7-9A28-CE733DBB3572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F61496C8-9ADE-4A4E-9788-447050691727\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0780AD6-4F38-4400-AA63-E41879F74B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86BA5BA6-1F79-4C89-A3F4-A56E2B664AED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C7994F-AA17-467B-919E-A49F0CC9DB47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F007F6B-1EAA-468C-8159-78B020DF1E58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F9AF68-70BD-46DE-B7F2-97C9BD5182A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1D808CD-B030-4334-A286-9B3A1D35C61D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DFE9115-3E32-4A55-AB5A-83513322FE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09BD6616-B2B9-49B1-AD20-9B13D93C8F2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35A9634E-FCF4-4C67-A463-6BA5F63DD2A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D8CF5AA-7B41-4E98-8E7E-A399AAA510B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8452BA9A-F56C-48E0-BDBA-9095AF78F521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2CE3B06-353C-4623-9EF4-78814DCB0D7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD968EA0-616D-4A22-A15D-C66918E71761\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE45FF20-1E52-46B6-9B38-07E5A6D6FD6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"978284EE-8BE8-43ED-ADA0-B90151D83EA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BA140F9-4706-4B05-826E-962A277E625A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E7D3C93-B0FC-475E-9CCA-AA8A2101781D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"270CA092-1AF1-48D4-8695-E7DB694969C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFA94312-376E-4785-888F-3C07612E1DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E73FBF-2579-4660-AFFA-7F9607004226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87FAAFFB-0589-441B-8289-8B8A6E18F705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73B92119-793D-4A43-A056-24DB6826E759\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"093A0BC2-037C-463F-AFC5-EF11C2954EAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B881B8DF-A96D-4B64-B98A-71F0D3388641\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6A97625-D39C-42D5-89E4-415A868A0972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E4D83B4-9697-4071-AC9F-7ADC86A6B529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58A2DA5-3EE7-408D-AAFA-82330F0325B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FA98EEC-2059-4CA9-92F1-72C1E0BB7EC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C51EE7-866B-410C-B75E-EF260D5062B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F1FFD07-B874-4D3C-8E2C-9A204F1E994E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB5ACB9E-86AF-4EC1-9F36-A202429CD0F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD1E4527-AAE2-4DA9-AFDA-6375839F7843\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F0AF047-EAE9-4C77-BCEF-5CB26F84C742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ED03874-4071-4382-8A46-8B3A59E601FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF84E043-DF3C-4A95-8FDA-B0FDCD795377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9498087-9642-4A86-B3EE-1513C55A86E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36C229AB-2851-48D4-815A-63AAB4462A24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DA4BCFC-8237-4F5C-9863-523EE7D8619B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07693A92-7D84-45A1-ACD6-D83AE41D504B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D401072-6709-4921-8918-720F28D61E24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0EA3467-4205-4C41-AF24-689330F7396B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BE94E38-5F29-4AE1-8129-7F7582C2CC75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEF603AD-D69B-4DD8-A7F4-6BEFD355EF29\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24CD0B0A-2B91-45DD-9522-8D1D3850CC9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2A5530C-DF29-421B-9712-3454C1769446\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B05791F9-0B31-4C4C-A9BA-9268CAA45FB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6D7AF29-4E08-4BFD-AFE0-994309E66F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6E3A5DC-A237-46E4-A4E5-F135482F984A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CE51492-8C9B-459E-9F80-64F426009905\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55FE024D-0D43-40AD-9645-8C54ECF17824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"596EC5DD-D7F4-44C8-B4B5-E2DC142FC486\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"469EA365-DED5-4436-AAC2-5553529DE700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"795ED164-7800-4D50-8E37-665BE30190D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"724A3B6F-DDAB-4A2F-8430-9E1F352D755F\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.