CVE-2020-3318

Published: May 6, 2020Modified: Nov 26, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of this advisory.

Affected (13)

Products: Cisco: Secure Firewall Management Center

Cisco

1 product

Secure Firewall Management Center

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Cisco Secure Firewall Management Center	Version 2.0.3
Cisco Secure Firewall Management Center	Version 2.1.0
Cisco Secure Firewall Management Center	Version 2.1.1
Cisco Secure Firewall Management Center	Version 2.2.0
Cisco Secure Firewall Management Center	Version 2.3.0
Cisco Secure Firewall Management Center	Version 5.0.0
Cisco Secure Firewall Management Center	Version 6.0.0
Cisco Secure Firewall Management Center	Version 6.1.0
Cisco Secure Firewall Management Center	Version 6.2.0
Cisco Secure Firewall Management Center	Version 6.2.3
Cisco Secure Firewall Management Center	Version 6.3.0
Cisco Secure Firewall Management Center	Version 6.4.0
Cisco Secure Firewall Management Center	Version 6.5.0

Related CWEs

CWE-798

Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcua-statcred-weeCcZct

Source: psirt@cisco.com

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcua-statcred-weeCcZct

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.