Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-16028 (GCVE-0-2019-16028)
Vulnerability from cvelistv5 – Published: 2020-09-23 00:26 – Updated: 2024-11-13 18:05
VLAI?
EPSS
Title
Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.
Severity ?
9.8 (Critical)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Firepower Management Center |
Affected:
n/a
|
Date Public ?
2020-01-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:03:32.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200122 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-16028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:10:46.853607Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:05:07.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-01-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-23T00:26:14.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200122 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
}
],
"source": {
"advisory": "cisco-sa-20200122-fmc-auth",
"defect": [
[
"CSCvr95287"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-01-22T16:00:00",
"ID": "CVE-2019-16028",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200122 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
}
]
},
"source": {
"advisory": "cisco-sa-20200122-fmc-auth",
"defect": [
[
"CSCvr95287"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-16028",
"datePublished": "2020-09-23T00:26:14.168Z",
"dateReserved": "2019-09-06T00:00:00.000Z",
"dateUpdated": "2024-11-13T18:05:07.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-16028",
"date": "2026-05-17",
"epss": "0.02549",
"percentile": "0.8565"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-16028\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2020-09-23T01:15:14.207\",\"lastModified\":\"2024-11-26T16:09:02.407\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Firepower Management Center (FMC), podr\u00eda permitir a un atacante remoto no autenticado omitir la autenticaci\u00f3n y ejecutar acciones arbitrarias con privilegios administrativos en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido al manejo inapropiado de las respuestas de autenticaci\u00f3n Lightweight Directory Access Protocol (LDAP) de un servidor de autenticaci\u00f3n externo.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de peticiones HTTP dise\u00f1adas hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante obtener acceso administrativo a la interfaz de administraci\u00f3n basada en web del dispositivo afectado\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.3.16\",\"matchCriteriaId\":\"3EABB3BD-4AF7-4FC1-9090-19B07F1B578D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3.0\",\"versionEndExcluding\":\"6.3.0.6\",\"matchCriteriaId\":\"7960516D-9A46-41EE-A0FE-E139A64DD62C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.0\",\"versionEndExcluding\":\"6.4.0.7\",\"matchCriteriaId\":\"970816D7-3FC8-430A-BEFB-D8F3E5F84301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.5.0\",\"versionEndExcluding\":\"6.5.0.2\",\"matchCriteriaId\":\"FBC14B4B-D535-49DF-ABA2-BB4057A4BC47\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth\", \"name\": \"20200122 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T01:03:32.759Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-16028\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T17:10:46.853607Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T17:11:16.698Z\"}}], \"cna\": {\"title\": \"Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability\", \"source\": {\"defect\": [[\"CSCvr95287\"]], \"advisory\": \"cisco-sa-20200122-fmc-auth\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Firepower Management Center\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2020-01-22T00:00:00.000Z\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth\", \"name\": \"20200122 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2020-09-23T00:26:14.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"9.8\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\"}}, \"source\": {\"defect\": [[\"CSCvr95287\"]], \"advisory\": \"cisco-sa-20200122-fmc-auth\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco Firepower Management Center\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth\", \"name\": \"20200122 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-287\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-16028\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2020-01-22T16:00:00\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2019-16028\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T18:05:07.592Z\", \"dateReserved\": \"2019-09-06T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2020-09-23T00:26:14.168Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
BDU:2020-00344
Vulnerability from fstec - Published: 22.01.2020
VLAI Severity ?
Title
Уязвимость веб-интерфейса программного обеспечения администрирования сети Cisco Firepower Management Center (FMC), позволяющая нарушителю выполнить произвольные действия на уязвимом устройстве
Description
Уязвимость веб-интерфейса программного обеспечения администрирования сети Cisco Firepower Management Center (FMC) связана с недостатками аутентификации. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольные действия на уязвимом устройстве с помощью отправки специально сформированного HTTP-запроса
Severity ?
Vendor
Cisco Systems Inc.
Software Name
Cisco Firepower Management Center
Software Version
до 6.1.0 включительно (Cisco Firepower Management Center), до 6.4.0.7 (Cisco Firepower Management Center), от 6.5.0 до 6.5.0.2 (Cisco Firepower Management Center)
Possible Mitigations
Использование рекомендаций:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth
Reference
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth
CWE
CWE-287
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 6.1.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Cisco Firepower Management Center), \u0434\u043e 6.4.0.7 (Cisco Firepower Management Center), \u043e\u0442 6.5.0 \u0434\u043e 6.5.0.2 (Cisco Firepower Management Center)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "22.01.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "29.01.2020",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "29.01.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00344",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-16028",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco Firepower Management Center",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0438 Cisco Firepower Management Center (FMC), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f (CWE-287)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0438 Cisco Firepower Management Center (FMC) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-287",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}
VAR-202009-0483
Vulnerability from variot - Updated: 2024-11-27 23:02A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device. Cisco Firepower Management Center (FMC) Contains an authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Cisco Firepower Management Center (FMC) is a new generation of firewall management center software from Cisco. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. The following products and versions are affected: Cisco Firepower Management Center versions prior to 6.1.0 1, versions prior to 6.1.0, versions prior to 6.2.0 2, versions prior to 6.2.1 2, versions prior to 6.2.2 2, and versions prior to 6.2.3 , versions prior to 6.3.0, versions prior to 6.4.0, and versions prior to 6.5.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-0483",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secure firewall management center",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.5.0.2"
},
{
"model": "secure firewall management center",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3.0.6"
},
{
"model": "secure firewall management center",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "secure firewall management center",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.3.16"
},
{
"model": "secure firewall management center",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0.7"
},
{
"model": "secure firewall management center",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3.0"
},
{
"model": "secure firewall management center",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.5.0"
},
{
"model": "cisco firepower management center",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"db": "NVD",
"id": "CVE-2019-16028"
}
]
},
"cve": "CVE-2019-16028",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-16028",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-148133",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-16028",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-16028",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-16028",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-16028",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-16028",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202001-1392",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-148133",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148133"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1392"
},
{
"db": "NVD",
"id": "CVE-2019-16028"
},
{
"db": "NVD",
"id": "CVE-2019-16028"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device. Cisco Firepower Management Center (FMC) Contains an authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Cisco Firepower Management Center (FMC) is a new generation of firewall management center software from Cisco. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. The following products and versions are affected: Cisco Firepower Management Center versions prior to 6.1.0 1, versions prior to 6.1.0, versions prior to 6.2.0 2, versions prior to 6.2.1 2, versions prior to 6.2.2 2, and versions prior to 6.2.3 , versions prior to 6.3.0, versions prior to 6.4.0, and versions prior to 6.5.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-16028"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"db": "VULHUB",
"id": "VHN-148133"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-16028",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016046",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1392",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0242",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-148133",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148133"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1392"
},
{
"db": "NVD",
"id": "CVE-2019-16028"
}
]
},
"id": "VAR-202009-0483",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-148133"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-27T23:02:00.776000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20200122-fmc-auth",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
},
{
"title": "Cisco Firepower Management Center Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=107735"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1392"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148133"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"db": "NVD",
"id": "CVE-2019-16028"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20200122-fmc-auth"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16028"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0242/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148133"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1392"
},
{
"db": "NVD",
"id": "CVE-2019-16028"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-148133"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1392"
},
{
"db": "NVD",
"id": "CVE-2019-16028"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-23T00:00:00",
"db": "VULHUB",
"id": "VHN-148133"
},
{
"date": "2021-04-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"date": "2020-01-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-1392"
},
{
"date": "2020-09-23T01:15:14.207000",
"db": "NVD",
"id": "CVE-2019-16028"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-07T00:00:00",
"db": "VULHUB",
"id": "VHN-148133"
},
{
"date": "2021-04-19T07:59:00",
"db": "JVNDB",
"id": "JVNDB-2019-016046"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-1392"
},
{
"date": "2024-11-26T16:09:02.407000",
"db": "NVD",
"id": "CVE-2019-16028"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-1392"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco\u00a0Firepower\u00a0Management\u00a0Center\u00a0 Authentication vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016046"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-1392"
}
],
"trust": 0.6
}
}
GSD-2019-16028
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-16028",
"description": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.",
"id": "GSD-2019-16028"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-16028"
],
"details": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.",
"id": "GSD-2019-16028",
"modified": "2023-12-13T01:23:40.663731Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-01-22T16:00:00",
"ID": "CVE-2019-16028",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200122 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
}
]
},
"source": {
"advisory": "cisco-sa-20200122-fmc-auth",
"defect": [
[
"CSCvr95287"
]
],
"discovery": "INTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.2.3.16",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.3.0.6",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.4.0.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.0.2",
"versionStartIncluding": "6.5.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-16028"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200122 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability",
"refsource": "CISCO",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-10-07T11:01Z",
"publishedDate": "2020-09-23T01:15Z"
}
}
}
CERTFR-2020-AVI-055
Vulnerability from certfr_avis - Published: 2020-01-23 - Updated: 2020-01-23
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | N/A | Cisco Firepower Management Center (FMC) versions 6.4.x antérieures à 6.4.0.7 | ||
| Cisco | N/A | Cisco TC versions 7.x (CSCvs67675) antérieures à 7.3.20 | ||
| Cisco | N/A | Cisco Firepower Management Center (FMC) versions 6.3.x antérieures à 6.3.0.6 (correctif disponible en mai 2020) | ||
| Cisco | IOS XE | Cisco IOS XE SD-WAN versions antérieures à 16.12.1 | ||
| Cisco | N/A | Cisco CE versions 9.x (CSCvs45241, CSCvs67680) antérieures à 9.8.3 | ||
| Cisco | Smart Software Manager | Cisco Smart Software Manager On-Prem versions antérieures à 7-201910 | ||
| Cisco | N/A | Cisco Firepower Management Center (FMC) versions antérieures à 6.2.3.16 (correctif disponible en février 2020) | ||
| Cisco | IOS XR | Cisco IOS XR (se référer au bulletin de l'éditeur pour la liste des correctifs disponibles, cf. section Documentation) | ||
| Cisco | N/A | Cisco CE versions 9.10.x (CSCvs45241, CSCvs67680) antérieures à 9.10.0 | ||
| Cisco | N/A | Cisco CE versions 9.9.x (CSCvs45241, CSCvs67680) antérieures à 9.9.2 | ||
| Cisco | N/A | Cisco CE versions 8.x (CSCvs45241, CSCvs67680) antérieures à 8.3.8 | ||
| Cisco | N/A | Cisco SD-WAN Solution vManage versions antérieures à 18.4.302 | ||
| Cisco | N/A | Cisco Firepower Management Center (FMC) versions 6.5.x antérieures à 6.5.0.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cisco Firepower Management Center (FMC) versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco TC versions 7.x (CSCvs67675) ant\u00e9rieures \u00e0 7.3.20",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Firepower Management Center (FMC) versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.6 (correctif disponible en mai 2020)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IOS XE SD-WAN versions ant\u00e9rieures \u00e0 16.12.1",
"product": {
"name": "IOS XE",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco CE versions 9.x (CSCvs45241, CSCvs67680) ant\u00e9rieures \u00e0 9.8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Smart Software Manager On-Prem versions ant\u00e9rieures \u00e0 7-201910",
"product": {
"name": "Smart Software Manager",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Firepower Management Center (FMC) versions ant\u00e9rieures \u00e0 6.2.3.16 (correctif disponible en f\u00e9vrier 2020)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IOS XR (se r\u00e9f\u00e9rer au bulletin de l\u0027\u00e9diteur pour la liste des correctifs disponibles, cf. section Documentation)",
"product": {
"name": "IOS XR",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco CE versions 9.10.x (CSCvs45241, CSCvs67680) ant\u00e9rieures \u00e0 9.10.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco CE versions 9.9.x (CSCvs45241, CSCvs67680) ant\u00e9rieures \u00e0 9.9.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco CE versions 8.x (CSCvs45241, CSCvs67680) ant\u00e9rieures \u00e0 8.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco SD-WAN Solution vManage versions ant\u00e9rieures \u00e0 18.4.302",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Firepower Management Center (FMC) versions 6.5.x ant\u00e9rieures \u00e0 6.5.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-16027",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16027"
},
{
"name": "CVE-2019-16028",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16028"
},
{
"name": "CVE-2019-16019",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16019"
},
{
"name": "CVE-2019-16029",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16029"
},
{
"name": "CVE-2019-1950",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1950"
},
{
"name": "CVE-2020-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3115"
},
{
"name": "CVE-2019-16022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16022"
},
{
"name": "CVE-2019-16018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16018"
},
{
"name": "CVE-2019-16020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16020"
},
{
"name": "CVE-2019-16021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16021"
},
{
"name": "CVE-2020-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3143"
},
{
"name": "CVE-2019-16023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16023"
}
],
"initial_release_date": "2020-01-23T00:00:00",
"last_revision_date": "2020-01-23T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-055",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-01-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, un contournement de la politique de s\u00e9curit\u00e9 et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-telepresence-path-tr-wdrnYEZZ du 22 janvier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20200122-fmc-auth du 22 janvier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20200122-ios-xr-evpn du 22 janvier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-sd-wan-cred-EVGSF259 du 22 janvier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-cred-EVGSF259"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20200122-ios-xr-routes du 22 janvier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20200122-sdwan-priv-esc du 22 janvier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-priv-esc"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20200122-on-prem-dos du 22 janvier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-on-prem-dos"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20200122-ios-xr-dos du 22 janvier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos"
}
]
}
FKIE_CVE-2019-16028
Vulnerability from fkie_nvd - Published: 2020-09-23 01:15 - Updated: 2024-11-26 16:09
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | secure_firewall_management_center | * | |
| cisco | secure_firewall_management_center | * | |
| cisco | secure_firewall_management_center | * | |
| cisco | secure_firewall_management_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EABB3BD-4AF7-4FC1-9090-19B07F1B578D",
"versionEndExcluding": "6.2.3.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7960516D-9A46-41EE-A0FE-E139A64DD62C",
"versionEndExcluding": "6.3.0.6",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970816D7-3FC8-430A-BEFB-D8F3E5F84301",
"versionEndExcluding": "6.4.0.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC14B4B-D535-49DF-ABA2-BB4057A4BC47",
"versionEndExcluding": "6.5.0.2",
"versionStartIncluding": "6.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Firepower Management Center (FMC), podr\u00eda permitir a un atacante remoto no autenticado omitir la autenticaci\u00f3n y ejecutar acciones arbitrarias con privilegios administrativos en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido al manejo inapropiado de las respuestas de autenticaci\u00f3n Lightweight Directory Access Protocol (LDAP) de un servidor de autenticaci\u00f3n externo.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de peticiones HTTP dise\u00f1adas hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante obtener acceso administrativo a la interfaz de administraci\u00f3n basada en web del dispositivo afectado"
}
],
"id": "CVE-2019-16028",
"lastModified": "2024-11-26T16:09:02.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-23T01:15:14.207",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-WGX9-9FRM-4CGQ
Vulnerability from github – Published: 2022-05-24 17:29 – Updated: 2024-11-26 18:38
VLAI?
Details
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2019-16028"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-09-23T01:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.",
"id": "GHSA-wgx9-9frm-4cgq",
"modified": "2024-11-26T18:38:40Z",
"published": "2022-05-24T17:29:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16028"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CNVD-2020-16513
Vulnerability from cnvd - Published: 2020-03-10
VLAI Severity ?
Title
Cisco Firepower Management Center授权问题漏洞
Description
Cisco Firepower Management Center(FMC)是美国思科(Cisco)公司的新一代防火墙管理中心软件。
Cisco Firepower Management Center中存在授权问题漏洞。该漏洞源于网络系统或产品中缺少身份验证措施或身份验证强度不足。目前没有详细漏洞细节提供。
Severity
低
Patch Name
Cisco Firepower Management Center授权问题漏洞的补丁
Patch Description
Cisco Firepower Management Center(FMC)是美国思科(Cisco)公司的新一代防火墙管理中心软件。
Cisco Firepower Management Center中存在授权问题漏洞。该漏洞源于网络系统或产品中缺少身份验证措施或身份验证强度不足。目前没有详细漏洞细节提供。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-16028
Impacted products
| Name | ['Cisco Cisco Firepower Management Center <6.1.0 1', 'Cisco Cisco Firepower Management Center <6.1.0', 'Cisco Cisco Firepower Management Center <6.2.0 2', 'Cisco Cisco Firepower Management Center <6.2.1 2', 'Cisco Cisco Firepower Management Center <6.2.2 2', 'Cisco Cisco Firepower Management Center <6.2.3', 'Cisco Cisco Firepower Management Center <6.3.0', 'Cisco Cisco Firepower Management Center <6.4.0', 'Cisco Cisco Firepower Management Center <6.5.0'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-16028",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-16028"
}
},
"description": "Cisco Firepower Management Center\uff08FMC\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u65b0\u4e00\u4ee3\u9632\u706b\u5899\u7ba1\u7406\u4e2d\u5fc3\u8f6f\u4ef6\u3002\n\nCisco Firepower Management Center\u4e2d\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u4e2d\u7f3a\u5c11\u8eab\u4efd\u9a8c\u8bc1\u63aa\u65bd\u6216\u8eab\u4efd\u9a8c\u8bc1\u5f3a\u5ea6\u4e0d\u8db3\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-16513",
"openTime": "2020-03-10",
"patchDescription": "Cisco Firepower Management Center\uff08FMC\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u65b0\u4e00\u4ee3\u9632\u706b\u5899\u7ba1\u7406\u4e2d\u5fc3\u8f6f\u4ef6\u3002\r\n\r\nCisco Firepower Management Center\u4e2d\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u4e2d\u7f3a\u5c11\u8eab\u4efd\u9a8c\u8bc1\u63aa\u65bd\u6216\u8eab\u4efd\u9a8c\u8bc1\u5f3a\u5ea6\u4e0d\u8db3\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Cisco Firepower Management Center\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Cisco Cisco Firepower Management Center \u003c6.1.0 1",
"Cisco Cisco Firepower Management Center \u003c6.1.0",
"Cisco Cisco Firepower Management Center \u003c6.2.0 2",
"Cisco Cisco Firepower Management Center \u003c6.2.1 2",
"Cisco Cisco Firepower Management Center \u003c6.2.2 2",
"Cisco Cisco Firepower Management Center \u003c6.2.3",
"Cisco Cisco Firepower Management Center \u003c6.3.0",
"Cisco Cisco Firepower Management Center \u003c6.4.0",
"Cisco Cisco Firepower Management Center \u003c6.5.0"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-16028",
"serverity": "\u4f4e",
"submitTime": "2020-02-18",
"title": "Cisco Firepower Management Center\u6388\u6743\u95ee\u9898\u6f0f\u6d1e"
}
CISCO-SA-20200122-FMC-AUTH
Vulnerability from csaf_cisco - Published: 2020-01-22 16:00 - Updated: 2020-01-22 16:00Summary
Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability
Notes
Summary: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.
The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Vulnerable Products: This vulnerability affects Cisco FMC Software if it is configured to authenticate users of the web-based management interface through an external LDAP server.
For information about which Cisco FMC Software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.
Determine Whether External Authentication Through LDAP Is Enabled
To determine whether external authentication using an LDAP server is configured on the device, administrators can navigate to System > Users > External Authentication and look for an External Authentication Object that uses LDAP as the authentication method. The External Authentication Object must be enabled for the FMC to be affected.
Products Confirmed Not Vulnerable: Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software.
Workarounds: There are no workarounds that address this vulnerability. However, customers who cannot immediately apply a software fix may evaluate the possibility of disabling LDAP authentication for FMC access and using other authentication methods until a software fix can be applied.
Fixed Software: Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:
https://www.cisco.com/c/en/us/products/end-user-license-agreement.html ["https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"]
Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.
When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC:
https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"]
Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.
Fixed Releases
In the following table, the left column lists releases of Cisco FMC Software. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a hotfix patch is available for an affected release.
Cisco FMC Software Release First Fixed Release
Hotfix Patch
Earlier than 6.1.01 Migrate to a fixed release.
Not available.
6.1.0 Migrate to a fixed release. Sourcefire_3D_Defense_Center_S3_Hotfix_ES-6.1.0.8-2.sh
6.2.02 Migrate to a fixed release. Not available. 6.2.12 Migrate to a fixed release. Not available. 6.2.22 Migrate to a fixed release. Not available. 6.2.3 6.2.3.16 (February 2020)
Sourcefire_3D_Defense_Center_S3_Hotfix_DO-6.2.3.16-3.sh.REL.tar 6.3.0 6.3.0.6 (May 2020)
Cisco_Firepower_Mgmt_Center_Hotfix_AI-6.3.0.6-2.sh.REL.tar 6.4.0 6.4.0.7
Cisco_Firepower_Mgmt_Center_Hotfix_U-6.4.0.7-2.sh.REL.tar (for releases 6.4.0.5 and later)
Cisco_Firepower_Mgmt_Center_Hotfix_T-6.4.0.5-1.sh.REL.tar (for releases 6.4.0.4 and earlier) 6.5.0 6.5.0.23
Not available.
1. Cisco FMC Software releases 6.0.1 and earlier have reached end of software maintenance. Customers are advised to migrate to a supported release that includes the fix for this vulnerability.
2. Customers who are running a 6.2.0, 6.2.1, or 6.2.2 release should migrate either to a release that integrates the fix or to a release for which a hotfix patch is available. For example, customers could migrate to Release 6.2.3 and then install the hotfix patch, which is Sourcefire_3D_Defense_Center_S3_Hotfix_DO-6.2.3.16-3.sh.REL.tar.
3. Cisco FMC Software Release 6.5.0.1 integrates a fix for this vulnerability; however, it is no longer available for download.
Customers who are running the following Cisco FMC Software releases can remediate by doing the following:
Releases earlier than 6.1.0: Migrate to a 6.2.3 release and apply available hotfixes.
6.1.0: Apply the hotfix listed in the preceding table or migrate to a 6.2.3 release and apply available hotfix.
6.2.0 through 6.2.2: Migrate to a 6.2.3 release and apply available hotfix.
6.2.3 or 6.3.0: Apply available hotfixes; maintenance releases will be available later this year.
6.4.0: Apply available hotfixes or upgrade to Release 6.4.0.7.
6.5.0: Upgrade to 6.5.0.2.
Customers may install a fix either by upgrading to a fixed release or by installing a hotfix patch. The availability of each option for all the supported software releases is documented in the preceding table.
To upgrade to a release that includes a fix for this vulnerability or to install a hotfix patch, customers are advised to follow the Cisco Firepower Management Center Upgrade Guide ["https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide.html"] and then review the appropriate release notes ["https://www.cisco.com/c/en/us/support/security/defense-center/products-release-notes-list.html"] or, if applicable, review the Firepower Hotfix Release Notes ["https://www.cisco.com/c/en/us/td/docs/security/firepower/hotfix/Firepower_Hotfix_Release_Notes.html"].
Vulnerability Policy: To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements: The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
Source: Cisco would like to thank Michael J. Venema of Family Care Network and Johan Anderström of QLS for independently reporting this vulnerability.
Legal Disclaimer: THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
9.8 (Critical)
Affected products
Known affected
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Base
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.0.0
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.0.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.0.0.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.0.0.0
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.1.0
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.0.1.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
Base
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.0
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.1.0.2
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.2
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.0.2
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.0.1.3
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.0.1.2
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.0.1.4
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.1.0.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.1.0.3
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.1.0.4
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.1.0.5
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.1.0.6
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.1.0.7
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.0.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.0.3
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.0.4
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.0.5
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.0.6
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.0.7
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.2.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.2.2
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.2.3
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.2.4
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.2
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.3
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.4
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.5
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.6
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.3.0
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.3.0.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.3.0.2
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.3.0.3
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.4.0
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.4.0.1
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.4.0.3
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.5.0
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.7
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.9
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.10
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.11
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.12
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.13
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
|
|
6.2.3.14
Cisco / Cisco Secure Firewall Management Center (FMC)
|
— |
Vendor Fix
fix
|
References
9 references
Acknowledgments
{
"document": {
"acknowledgments": [
{
"summary": "Cisco would like to thank Michael J. Venema of Family Care Network and Johan Anderstr\u00f6m of QLS for independently reporting this vulnerability."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.\r\n\r\nThe vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n",
"title": "Summary"
},
{
"category": "general",
"text": "This vulnerability affects Cisco FMC Software if it is configured to authenticate users of the web-based management interface through an external LDAP server.\r\n\r\nFor information about which Cisco FMC Software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.\r\n Determine Whether External Authentication Through LDAP Is Enabled\r\nTo determine whether external authentication using an LDAP server is configured on the device, administrators can navigate to System \u003e Users \u003e External Authentication and look for an External Authentication Object that uses LDAP as the authentication method. The External Authentication Object must be enabled for the FMC to be affected.",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed that this vulnerability does not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software.",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "There are no workarounds that address this vulnerability. However, customers who cannot immediately apply a software fix may evaluate the possibility of disabling LDAP authentication for FMC access and using other authentication methods until a software fix can be applied.",
"title": "Workarounds"
},
{
"category": "general",
"text": "Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:\r\nhttps://www.cisco.com/c/en/us/products/end-user-license-agreement.html [\"https://www.cisco.com/c/en/us/products/end-user-license-agreement.html\"]\r\n\r\nAdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n Customers Without Service Contracts\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC:\r\nhttps://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]\r\n\r\nCustomers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n Fixed Releases\r\n In the following table, the left column lists releases of Cisco FMC Software. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a hotfix patch is available for an affected release.\r\n Cisco FMC Software Release First Fixed Release\r\n Hotfix Patch\r\n Earlier than 6.1.01 Migrate to a fixed release.\r\n Not available.\r\n 6.1.0 Migrate to a fixed release. Sourcefire_3D_Defense_Center_S3_Hotfix_ES-6.1.0.8-2.sh\r\n 6.2.02 Migrate to a fixed release. Not available. 6.2.12 Migrate to a fixed release. Not available. 6.2.22 Migrate to a fixed release. Not available. 6.2.3 6.2.3.16 (February 2020)\r\n Sourcefire_3D_Defense_Center_S3_Hotfix_DO-6.2.3.16-3.sh.REL.tar 6.3.0 6.3.0.6 (May 2020)\r\n Cisco_Firepower_Mgmt_Center_Hotfix_AI-6.3.0.6-2.sh.REL.tar 6.4.0 6.4.0.7\r\n Cisco_Firepower_Mgmt_Center_Hotfix_U-6.4.0.7-2.sh.REL.tar (for releases 6.4.0.5 and later)\r\nCisco_Firepower_Mgmt_Center_Hotfix_T-6.4.0.5-1.sh.REL.tar (for releases 6.4.0.4 and earlier) 6.5.0 6.5.0.23\r\n Not available.\r\n\r\n 1. Cisco FMC Software releases 6.0.1 and earlier have reached end of software maintenance. Customers are advised to migrate to a supported release that includes the fix for this vulnerability.\r\n2. Customers who are running a 6.2.0, 6.2.1, or 6.2.2 release should migrate either to a release that integrates the fix or to a release for which a hotfix patch is available. For example, customers could migrate to Release 6.2.3 and then install the hotfix patch, which is Sourcefire_3D_Defense_Center_S3_Hotfix_DO-6.2.3.16-3.sh.REL.tar.\r\n\r\n3. Cisco FMC Software Release 6.5.0.1 integrates a fix for this vulnerability; however, it is no longer available for download.\r\n\r\nCustomers who are running the following Cisco FMC Software releases can remediate by doing the following:\r\n\r\n Releases earlier than 6.1.0: Migrate to a 6.2.3 release and apply available hotfixes.\r\n 6.1.0: Apply the hotfix listed in the preceding table or migrate to a 6.2.3 release and apply available hotfix.\r\n 6.2.0 through 6.2.2: Migrate to a 6.2.3 release and apply available hotfix.\r\n 6.2.3 or 6.3.0: Apply available hotfixes; maintenance releases will be available later this year.\r\n 6.4.0: Apply available hotfixes or upgrade to Release 6.4.0.7.\r\n 6.5.0: Upgrade to 6.5.0.2.\r\n\r\nCustomers may install a fix either by upgrading to a fixed release or by installing a hotfix patch. The availability of each option for all the supported software releases is documented in the preceding table.\r\n\r\nTo upgrade to a release that includes a fix for this vulnerability or to install a hotfix patch, customers are advised to follow the Cisco Firepower Management Center Upgrade Guide [\"https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide.html\"] and then review the appropriate release notes [\"https://www.cisco.com/c/en/us/support/security/defense-center/products-release-notes-list.html\"] or, if applicable, review the Firepower Hotfix Release Notes [\"https://www.cisco.com/c/en/us/td/docs/security/firepower/hotfix/Firepower_Hotfix_Release_Notes.html\"].",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "Cisco would like to thank Michael J. Venema of Family Care Network and Johan Anderstr\u00f6m of QLS for independently reporting this vulnerability.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@cisco.com",
"issuing_authority": "Cisco PSIRT",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html",
"url": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"
},
{
"category": "external",
"summary": "considering software upgrades",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "Cisco Security Advisories and Alerts page",
"url": "https://www.cisco.com/go/psirt"
},
{
"category": "external",
"summary": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html",
"url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
},
{
"category": "external",
"summary": "Cisco Firepower Management Center Upgrade Guide",
"url": "https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide.html"
},
{
"category": "external",
"summary": "release notes",
"url": "https://www.cisco.com/c/en/us/support/security/defense-center/products-release-notes-list.html"
},
{
"category": "external",
"summary": "Firepower Hotfix Release Notes",
"url": "https://www.cisco.com/c/en/us/td/docs/security/firepower/hotfix/Firepower_Hotfix_Release_Notes.html"
}
],
"title": "Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability",
"tracking": {
"current_release_date": "2020-01-22T16:00:00+00:00",
"generator": {
"date": "2025-10-13T15:38:11+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-20200122-fmc-auth",
"initial_release_date": "2020-01-22T16:00:00+00:00",
"revision_history": [
{
"date": "2020-01-22T15:55:47+00:00",
"number": "1.0.0",
"summary": "Initial public release."
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "service_pack",
"name": "Base",
"product": {
"name": "Base",
"product_id": "CSAFPID-212170"
}
},
{
"category": "service_pack",
"name": "6.0.0",
"product": {
"name": "6.0.0",
"product_id": "CSAFPID-212171"
}
},
{
"category": "service_pack",
"name": "6.0.1",
"product": {
"name": "6.0.1",
"product_id": "CSAFPID-212172"
}
},
{
"category": "service_pack",
"name": "6.0.0.1",
"product": {
"name": "6.0.0.1",
"product_id": "CSAFPID-213676"
}
},
{
"category": "service_pack",
"name": "6.0.0.0",
"product": {
"name": "6.0.0.0",
"product_id": "CSAFPID-213754"
}
},
{
"category": "service_pack",
"name": "6.0.1.1",
"product": {
"name": "6.0.1.1",
"product_id": "CSAFPID-222771"
}
},
{
"category": "service_pack",
"name": "6.0.1.3",
"product": {
"name": "6.0.1.3",
"product_id": "CSAFPID-227816"
}
},
{
"category": "service_pack",
"name": "6.0.1.2",
"product": {
"name": "6.0.1.2",
"product_id": "CSAFPID-267611"
}
},
{
"category": "service_pack",
"name": "6.0.1.4",
"product": {
"name": "6.0.1.4",
"product_id": "CSAFPID-267612"
}
}
],
"category": "product_version",
"name": "6.0"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.1.0",
"product": {
"name": "6.1.0",
"product_id": "CSAFPID-216309"
}
},
{
"category": "service_pack",
"name": "6.1.0.2",
"product": {
"name": "6.1.0.2",
"product_id": "CSAFPID-226361"
}
},
{
"category": "service_pack",
"name": "6.1.0.1",
"product": {
"name": "6.1.0.1",
"product_id": "CSAFPID-267613"
}
},
{
"category": "service_pack",
"name": "6.1.0.3",
"product": {
"name": "6.1.0.3",
"product_id": "CSAFPID-267614"
}
},
{
"category": "service_pack",
"name": "6.1.0.4",
"product": {
"name": "6.1.0.4",
"product_id": "CSAFPID-267615"
}
},
{
"category": "service_pack",
"name": "6.1.0.5",
"product": {
"name": "6.1.0.5",
"product_id": "CSAFPID-267616"
}
},
{
"category": "service_pack",
"name": "6.1.0.6",
"product": {
"name": "6.1.0.6",
"product_id": "CSAFPID-267617"
}
},
{
"category": "service_pack",
"name": "6.1.0.7",
"product": {
"name": "6.1.0.7",
"product_id": "CSAFPID-267618"
}
}
],
"category": "product_version",
"name": "6.1"
},
{
"branches": [
{
"category": "service_pack",
"name": "Base",
"product": {
"name": "Base",
"product_id": "CSAFPID-224893"
}
},
{
"category": "service_pack",
"name": "6.2.0",
"product": {
"name": "6.2.0",
"product_id": "CSAFPID-224894"
}
},
{
"category": "service_pack",
"name": "6.2.1",
"product": {
"name": "6.2.1",
"product_id": "CSAFPID-225378"
}
},
{
"category": "service_pack",
"name": "6.2.2",
"product": {
"name": "6.2.2",
"product_id": "CSAFPID-226362"
}
},
{
"category": "service_pack",
"name": "6.2.0.2",
"product": {
"name": "6.2.0.2",
"product_id": "CSAFPID-227815"
}
},
{
"category": "service_pack",
"name": "6.2.0.1",
"product": {
"name": "6.2.0.1",
"product_id": "CSAFPID-267619"
}
},
{
"category": "service_pack",
"name": "6.2.0.3",
"product": {
"name": "6.2.0.3",
"product_id": "CSAFPID-267620"
}
},
{
"category": "service_pack",
"name": "6.2.0.4",
"product": {
"name": "6.2.0.4",
"product_id": "CSAFPID-267621"
}
},
{
"category": "service_pack",
"name": "6.2.0.5",
"product": {
"name": "6.2.0.5",
"product_id": "CSAFPID-267622"
}
},
{
"category": "service_pack",
"name": "6.2.0.6",
"product": {
"name": "6.2.0.6",
"product_id": "CSAFPID-267623"
}
},
{
"category": "service_pack",
"name": "6.2.0.7",
"product": {
"name": "6.2.0.7",
"product_id": "CSAFPID-267624"
}
},
{
"category": "service_pack",
"name": "6.2.2.1",
"product": {
"name": "6.2.2.1",
"product_id": "CSAFPID-267625"
}
},
{
"category": "service_pack",
"name": "6.2.2.2",
"product": {
"name": "6.2.2.2",
"product_id": "CSAFPID-267626"
}
},
{
"category": "service_pack",
"name": "6.2.2.3",
"product": {
"name": "6.2.2.3",
"product_id": "CSAFPID-267627"
}
},
{
"category": "service_pack",
"name": "6.2.2.4",
"product": {
"name": "6.2.2.4",
"product_id": "CSAFPID-267628"
}
},
{
"category": "service_pack",
"name": "6.2.3",
"product": {
"name": "6.2.3",
"product_id": "CSAFPID-267629"
}
},
{
"category": "service_pack",
"name": "6.2.3.1",
"product": {
"name": "6.2.3.1",
"product_id": "CSAFPID-267630"
}
},
{
"category": "service_pack",
"name": "6.2.3.2",
"product": {
"name": "6.2.3.2",
"product_id": "CSAFPID-267631"
}
},
{
"category": "service_pack",
"name": "6.2.3.3",
"product": {
"name": "6.2.3.3",
"product_id": "CSAFPID-267632"
}
},
{
"category": "service_pack",
"name": "6.2.3.4",
"product": {
"name": "6.2.3.4",
"product_id": "CSAFPID-267633"
}
},
{
"category": "service_pack",
"name": "6.2.3.5",
"product": {
"name": "6.2.3.5",
"product_id": "CSAFPID-267634"
}
},
{
"category": "service_pack",
"name": "6.2.3.6",
"product": {
"name": "6.2.3.6",
"product_id": "CSAFPID-267635"
}
},
{
"category": "service_pack",
"name": "6.2.3.7",
"product": {
"name": "6.2.3.7",
"product_id": "CSAFPID-267677"
}
},
{
"category": "service_pack",
"name": "6.2.3.9",
"product": {
"name": "6.2.3.9",
"product_id": "CSAFPID-267678"
}
},
{
"category": "service_pack",
"name": "6.2.3.10",
"product": {
"name": "6.2.3.10",
"product_id": "CSAFPID-267679"
}
},
{
"category": "service_pack",
"name": "6.2.3.11",
"product": {
"name": "6.2.3.11",
"product_id": "CSAFPID-267680"
}
},
{
"category": "service_pack",
"name": "6.2.3.12",
"product": {
"name": "6.2.3.12",
"product_id": "CSAFPID-267681"
}
},
{
"category": "service_pack",
"name": "6.2.3.13",
"product": {
"name": "6.2.3.13",
"product_id": "CSAFPID-267682"
}
},
{
"category": "service_pack",
"name": "6.2.3.14",
"product": {
"name": "6.2.3.14",
"product_id": "CSAFPID-267683"
}
}
],
"category": "product_version",
"name": "6.2"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.3.0",
"product": {
"name": "6.3.0",
"product_id": "CSAFPID-267645"
}
},
{
"category": "service_pack",
"name": "6.3.0.1",
"product": {
"name": "6.3.0.1",
"product_id": "CSAFPID-267646"
}
},
{
"category": "service_pack",
"name": "6.3.0.2",
"product": {
"name": "6.3.0.2",
"product_id": "CSAFPID-267647"
}
},
{
"category": "service_pack",
"name": "6.3.0.3",
"product": {
"name": "6.3.0.3",
"product_id": "CSAFPID-267648"
}
}
],
"category": "product_version",
"name": "6.3"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.4.0",
"product": {
"name": "6.4.0",
"product_id": "CSAFPID-267650"
}
},
{
"category": "service_pack",
"name": "6.4.0.1",
"product": {
"name": "6.4.0.1",
"product_id": "CSAFPID-267651"
}
},
{
"category": "service_pack",
"name": "6.4.0.3",
"product": {
"name": "6.4.0.3",
"product_id": "CSAFPID-267652"
}
}
],
"category": "product_version",
"name": "6.4"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.5.0",
"product": {
"name": "6.5.0",
"product_id": "CSAFPID-267654"
}
}
],
"category": "product_version",
"name": "6.5"
}
],
"category": "product_family",
"name": "Cisco Secure Firewall Management Center (FMC)"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-16028",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvr95287"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-212170",
"CSAFPID-212171",
"CSAFPID-212172",
"CSAFPID-213676",
"CSAFPID-213754",
"CSAFPID-216309",
"CSAFPID-222771",
"CSAFPID-224893",
"CSAFPID-224894",
"CSAFPID-225378",
"CSAFPID-226361",
"CSAFPID-226362",
"CSAFPID-227815",
"CSAFPID-227816",
"CSAFPID-267611",
"CSAFPID-267612",
"CSAFPID-267613",
"CSAFPID-267614",
"CSAFPID-267615",
"CSAFPID-267616",
"CSAFPID-267617",
"CSAFPID-267618",
"CSAFPID-267619",
"CSAFPID-267620",
"CSAFPID-267621",
"CSAFPID-267622",
"CSAFPID-267623",
"CSAFPID-267624",
"CSAFPID-267625",
"CSAFPID-267626",
"CSAFPID-267627",
"CSAFPID-267628",
"CSAFPID-267629",
"CSAFPID-267630",
"CSAFPID-267631",
"CSAFPID-267632",
"CSAFPID-267633",
"CSAFPID-267634",
"CSAFPID-267635",
"CSAFPID-267645",
"CSAFPID-267646",
"CSAFPID-267647",
"CSAFPID-267648",
"CSAFPID-267650",
"CSAFPID-267651",
"CSAFPID-267652",
"CSAFPID-267654",
"CSAFPID-267677",
"CSAFPID-267678",
"CSAFPID-267679",
"CSAFPID-267680",
"CSAFPID-267681",
"CSAFPID-267682",
"CSAFPID-267683"
]
},
"release_date": "2020-01-22T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-212170",
"CSAFPID-212171",
"CSAFPID-212172",
"CSAFPID-213676",
"CSAFPID-213754",
"CSAFPID-216309",
"CSAFPID-222771",
"CSAFPID-224893",
"CSAFPID-224894",
"CSAFPID-225378",
"CSAFPID-226361",
"CSAFPID-226362",
"CSAFPID-227815",
"CSAFPID-227816",
"CSAFPID-267611",
"CSAFPID-267612",
"CSAFPID-267613",
"CSAFPID-267614",
"CSAFPID-267615",
"CSAFPID-267616",
"CSAFPID-267617",
"CSAFPID-267618",
"CSAFPID-267619",
"CSAFPID-267620",
"CSAFPID-267621",
"CSAFPID-267622",
"CSAFPID-267623",
"CSAFPID-267624",
"CSAFPID-267625",
"CSAFPID-267626",
"CSAFPID-267627",
"CSAFPID-267628",
"CSAFPID-267629",
"CSAFPID-267630",
"CSAFPID-267631",
"CSAFPID-267632",
"CSAFPID-267633",
"CSAFPID-267634",
"CSAFPID-267635",
"CSAFPID-267645",
"CSAFPID-267646",
"CSAFPID-267647",
"CSAFPID-267648",
"CSAFPID-267650",
"CSAFPID-267651",
"CSAFPID-267652",
"CSAFPID-267654",
"CSAFPID-267677",
"CSAFPID-267678",
"CSAFPID-267679",
"CSAFPID-267680",
"CSAFPID-267681",
"CSAFPID-267682",
"CSAFPID-267683"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-212170",
"CSAFPID-212171",
"CSAFPID-212172",
"CSAFPID-213676",
"CSAFPID-213754",
"CSAFPID-216309",
"CSAFPID-222771",
"CSAFPID-224893",
"CSAFPID-224894",
"CSAFPID-225378",
"CSAFPID-226361",
"CSAFPID-226362",
"CSAFPID-227815",
"CSAFPID-227816",
"CSAFPID-267611",
"CSAFPID-267612",
"CSAFPID-267613",
"CSAFPID-267614",
"CSAFPID-267615",
"CSAFPID-267616",
"CSAFPID-267617",
"CSAFPID-267618",
"CSAFPID-267619",
"CSAFPID-267620",
"CSAFPID-267621",
"CSAFPID-267622",
"CSAFPID-267623",
"CSAFPID-267624",
"CSAFPID-267625",
"CSAFPID-267626",
"CSAFPID-267627",
"CSAFPID-267628",
"CSAFPID-267629",
"CSAFPID-267630",
"CSAFPID-267631",
"CSAFPID-267632",
"CSAFPID-267633",
"CSAFPID-267634",
"CSAFPID-267635",
"CSAFPID-267645",
"CSAFPID-267646",
"CSAFPID-267647",
"CSAFPID-267648",
"CSAFPID-267650",
"CSAFPID-267651",
"CSAFPID-267652",
"CSAFPID-267654",
"CSAFPID-267677",
"CSAFPID-267678",
"CSAFPID-267679",
"CSAFPID-267680",
"CSAFPID-267681",
"CSAFPID-267682",
"CSAFPID-267683"
]
}
],
"title": "Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…