A vulnerability was found in Cisco Firepower Management Center (Firewall Software). It has been classified as critical. This affects some unknown functionality of the component HTTP Handler. The manipulation with an unknown input leads to a improper authorization vulnerability. CWE is classifying the issue as CWE-285. The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:

A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software.

The weakness was shared 11/01/2023 as cisco-sa-fmc-cmd-inj-29MP49hN. It is possible to read the advisory at sec.cloudapps.cisco.com. This vulnerability is uniquely identified as CVE-2023-20048 since 10/27/2022. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $0-$5k at the moment (estimation calculated on 11/29/2023). The attack technique deployed by this issue is T1548.002 according to MITRE ATT&CK.

Upgrading eliminates this vulnerability.

The entries VDB-236625, VDB-238099, VDB-244046 and VDB-246289 are related to this item.

Productinfo

Type

• Firewall Software

Vendor

• Cisco

Name

• Firepower Management Center

Version

• 6.2.3
• 6.2.3.1
• 6.2.3.2
• 6.2.3.3
• 6.2.3.4
• 6.2.3.5
• 6.2.3.6
• 6.2.3.7
• 6.2.3.8
• 6.2.3.9
• 6.2.3.10
• 6.2.3.11
• 6.2.3.12
• 6.2.3.13
• 6.2.3.14
• 6.2.3.15
• 6.2.3.16
• 6.2.3.17
• 6.2.3.18
• 6.4.0
• 6.4.0.1
• 6.4.0.2
• 6.4.0.3
• 6.4.0.4
• 6.4.0.5
• 6.4.0.6
• 6.4.0.7
• 6.4.0.8
• 6.4.0.9
• 6.4.0.10
• 6.4.0.11
• 6.4.0.12
• 6.4.0.13
• 6.4.0.14
• 6.4.0.15
• 6.4.0.16
• 6.6.0
• 6.6.0.1
• 6.6.1
• 6.6.3
• 6.6.4
• 6.6.5
• 6.6.5.1
• 6.6.5.2
• 6.6.7
• 6.6.7.1
• 6.7.0
• 6.7.0.1
• 6.7.0.2
• 6.7.0.3
• 7.0.0
• 7.0.0.1
• 7.0.1
• 7.0.1.1
• 7.0.2
• 7.0.2.1
• 7.0.3
• 7.0.4
• 7.0.5
• 7.1.0
• 7.1.0.1
• 7.1.0.2
• 7.1.0.3
• 7.2.0
• 7.2.0.1
• 7.2.1
• 7.2.2
• 7.2.3
• 7.2.3.1
• 7.3.0
• 7.3.1
• 7.3.1.1

License

• commercial

Support

• end of life (old version)

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion