Cisco Firepower Management Center File Upload Security Bypass (cisco-sa-fmc-security-bypass-JhOd29Gg)

Severity: High | Nessus Plugin ID 160491

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The version of Cisco Firepower Management Center installed on the remote host is affected by a security bypass vulnerability in the web management interface that allows an authenticated, remote attacker to bypass security protections and upload malicious files to the affected system. This vulnerability is due to improper validation of files uploaded to the web management interface of Cisco FMC Software. An attacker could exploit this vulnerability by uploading a maliciously crafted file to a device running affected software. A successful exploit could allow the attacker to store malicious files on the device, which they could access later to conduct additional attacks, including executing arbitrary code on the affected device with root privileges.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwa40237.

See Also

http://www.nessus.org/u?8b0675fe

https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74836

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa40237

Plugin Details

Severity: High

ID: 160491

File Name: cisco-sa-fmc-security-bypass-JhOd29Gg.nasl

Version: 1.6

Type: local

Family: CISCO

Published: 5/4/2022

Updated: 11/21/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-20743

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:firepower_management_center

Required KB Items: Host/Cisco/firepower_mc/version

Exploit Ease: No known exploits are available

Patch Publication Date: 4/27/2022

Vulnerability Publication Date: 4/27/2022

Reference Information

CVE: CVE-2022-20743

CWE: 434

CISCO-SA: cisco-sa-fmc-security-bypass-JhOd29Gg

IAVA: 2022-A-0184-S

CISCO-BUG-ID: CSCwa40237