High
The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.
Authentication Bypass
Cisco
Cisco FMC Software
Please refer to vendor’s advisory for the list of affected products and patches.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth