CVE-2024-20360: SQL injection vulnerability affecting Cisco Firepower Management Center

HawkEye CSOC Riyadh

Cisco fixed a vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software, identified as CVE-2024-20360 (CVSS score 8.8).

A vulnerability in the web-based administration interface of the Cisco Firepower Management Center (FMC) software could allow a remote, authenticated attacker to conduct SQL injection attacks on a vulnerable system.

CVE-2024-20360

The root cause of this vulnerability is inadequate validation of user input in the web-based administration interface. An attacker could exploit it by logging into the application and submitting specially crafted SQL queries to a vulnerable system. A successful exploit could allow the attacker to read any data in the database, execute arbitrary commands on the underlying operating system, and escalate privileges to root. Exploitation requires at least Read Only user credentials.
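To illustrate the input-validation failure described above, the following is an added example (not Cisco's code, and not FMC's schema): a constructed in-memory SQLite table with a filter that scopes results to the logged-in user. The vulnerable variant builds the statement from the submitted value, so a crafted filter value returns every row; the hardened variant binds the value as a parameter, so the same input matches nothing.

```python
import sqlite3

# Constructed stand-in for a management database; not Cisco's schema.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE devices (name TEXT, owner TEXT);
        INSERT INTO devices VALUES ('fw-edge-1', 'readonly_user');
        INSERT INTO devices VALUES ('fw-core-1', 'admin');
        INSERT INTO devices VALUES ('fw-dmz-1', 'admin');
    """)
    return conn

def list_devices_vulnerable(conn, owner):
    # The submitted value is pasted straight into the statement:
    # the "inadequate validation of user input" pattern.
    sql = f"SELECT name FROM devices WHERE owner = '{owner}'"
    return [row[0] for row in conn.execute(sql)]

def list_devices_hardened(conn, owner):
    # Parameter binding: the driver passes the value separately from the
    # statement text, so it can never alter the query's structure.
    sql = "SELECT name FROM devices WHERE owner = ?"
    return [row[0] for row in conn.execute(sql, (owner,))]

def demo():
    conn = build_db()
    honest = "readonly_user"
    # Constructed filter value a low-privilege user might submit.
    crafted = "readonly_user' OR '1'='1"
    return {
        "vuln_honest": list_devices_vulnerable(conn, honest),
        "vuln_crafted": list_devices_vulnerable(conn, crafted),
        "hard_honest": list_devices_hardened(conn, honest),
        "hard_crafted": list_devices_hardened(conn, crafted),
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label}: {rows}")
```

The vulnerable path returns rows owned by other users for the crafted input, which is the "access any database data" outcome; the parameterised path returns only the caller's own rows.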

Affected Products

This vulnerability affects devices running a vulnerable release of Cisco FMC Software, regardless of device configuration.

Cisco offers the Cisco Software Checker to help customers determine their exposure to vulnerabilities in Cisco ASA, FMC, and FTD software. The tool identifies the Cisco security advisories that apply to a given software release and the earliest release that fixes the vulnerabilities they describe.

Link to the Cisco Software Checker:

https://sec.cloudapps.cisco.com/security/center/softwarechecker.x

Mitigation

Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels.

According to Cisco, there is no workaround for this vulnerability. Cisco has also confirmed that neither Firepower Threat Defense (FTD) nor Adaptive Security Appliance (ASA) software is affected.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs

© 2024 HawkEye – Managed CSOC and XDR powered by DTS Solution. All Rights Reserved.