Detections
Analytics
Cisco Secure Firewall Management Center Software Authentication Bypass (cisco-sa-onprem-fmc-authbypass-5JPp45V2)
critical Nessus Plugin ID 302174
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwr96008.See Also
Plugin Details
Severity: Critical
ID: 302174
File Name: cisco-sa-onprem-fmc-authbypass-5JPp45V2.nasl
Version: 1.2
Type: Local
Family: CISCO
Published: 3/13/2026
Updated: 3/16/2026
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.2
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2026-20079
CVSS v3
Risk Factor: Critical
Base Score: 10
Temporal Score: 9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:cisco:firepower_management_center
Required KB Items: Host/Cisco/firepower_mc/version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/4/2026
Vulnerability Publication Date: 3/4/2026
Reference Information
CVE: CVE-2026-20079