Detections
Analytics

Cisco Firepower Device Manager On-Box Software XML Parsing (cisco-sa-xpftd-gYDXyN8H)

medium Nessus Plugin ID 138361

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software. An authenticated, remote attacker can exploit this in multiple ways using a malicious file in order to crash the XML parser process to cause system instability, memory exhaustion, or a reload of the affected system.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvg48900

See Also

http://www.nessus.org/u?eb987da1

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvg48900

Plugin Details

Severity: Medium

ID: 138361

File Name: cisco-sa-xpftd-gYDXyN8H.nasl

Version: 1.8

Type: combined

Family: CISCO

Published: 7/10/2020

Updated: 8/13/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2020-3310

CVSS v3

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:firepower_device_manager_on-box

Required KB Items: installed_sw/Cisco Firepower Threat Defense, installed_sw/Cisco Firepower Device Manager Web Interface

Exploit Ease: No known exploits are available

Patch Publication Date: 5/6/2020

Vulnerability Publication Date: 5/6/2020

Reference Information

CVE: CVE-2020-3310

CWE: 119

CISCO-SA: cisco-sa-xpftd-gYDXyN8H

CISCO-BUG-ID: CSCvg48900