Rewterz Threat Advisory – Multiple Cisco Adaptive Security Appliance and Firepower Threat Defense Software Vulnerabilities
November 3, 2023Rewterz Threat Advisory – ICS: Multiple Mitsubishi Electric MELSEC Series Vulnerabilities
November 3, 2023Rewterz Threat Advisory – Multiple Cisco Adaptive Security Appliance and Firepower Threat Defense Software Vulnerabilities
November 3, 2023Rewterz Threat Advisory – ICS: Multiple Mitsubishi Electric MELSEC Series Vulnerabilities
November 3, 2023Severity
High
Analysis Summary
CVE-2023-20048 CVSS:9.9
Cisco Firepower Management Center Software could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by insufficient authorization of configuration commands that are sent through the web service interface. By authenticating to the FMC web services interface and sending a specially crafted HTTP request to an affected device, an attacker could exploit this vulnerability to execute certain configuration commands on the targeted FTD device.
CVE-2023-20220 CVSS:7.2
Cisco Firepower Management Center Software could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user-supplied input for certain configuration options. By using crafted input, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-20219 CVSS:7.8
Cisco Firepower Management Center Software could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user-supplied input for certain configuration options. By using crafted input, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-20005 CVSS:6.1
Cisco Firepower Management Center Software is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using various data fields to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-20155 CVSS:7.5
Cisco Firepower Management Center Software is vulnerable to a denial of service, caused by the lack of rate-limiting of requests sent to a specific API that is related to an FMC log. By sending specially crafted HTTP requests to the API, a remote attacker could exploit this vulnerability to cause the device to become unresponsive or trigger an unexpected reload.
CVE-2023-20074 CVSS:6.1
Cisco Firepower Management Center Software is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using various data fields to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-20206 CVSS:6.1
Cisco Firepower Management Center Software is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using various data fields to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-20114 CVSS:6.5
Cisco Firepower Management Center Software could allow a remote authenticated attacker to obtain sensitive information, caused by improper input validation. By sending a specially crafted HTTPS request, an attacker could exploit this vulnerability to download arbitrary files, and use this information to launch further attacks against the affected system.
Impact
- Denial of Service
- Security Bypass
- Cross-Site Scripting
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-20048
- CVE-2023-20220
- CVE-2023-20219
- CVE-2023-20005
- CVE-2023-20155
- CVE-2023-20074
- CVE-2023-20206
- CVE-2023-20114
Affected Vendors
Cisco
Affected Products
- Cisco Firepower Management Center Software
- Cisco Firepower Management Center
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.