CVE-2022-20872

15.11.2022, 21:15

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
     
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.

Cross-site Scripting

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.8 MEDIUM	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
cisco	CNA	4.8 MEDIUM	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 10%

Vendor	Product	Version
cisco	secure_firewall_management_center	6.1.0
cisco	secure_firewall_management_center	6.1.0.1
cisco	secure_firewall_management_center	6.1.0.2
cisco	secure_firewall_management_center	6.1.0.3
cisco	secure_firewall_management_center	6.1.0.4
cisco	secure_firewall_management_center	6.1.0.5
cisco	secure_firewall_management_center	6.1.0.6
cisco	secure_firewall_management_center	6.1.0.7
cisco	secure_firewall_management_center	6.2.0
cisco	secure_firewall_management_center	6.2.0.1
cisco	secure_firewall_management_center	6.2.0.2
cisco	secure_firewall_management_center	6.2.0.3
cisco	secure_firewall_management_center	6.2.0.4
cisco	secure_firewall_management_center	6.2.0.5
cisco	secure_firewall_management_center	6.2.0.6
cisco	secure_firewall_management_center	6.2.1
cisco	secure_firewall_management_center	6.2.2
cisco	secure_firewall_management_center	6.2.2.1
cisco	secure_firewall_management_center	6.2.2.2
cisco	secure_firewall_management_center	6.2.2.3
cisco	secure_firewall_management_center	6.2.2.4
cisco	secure_firewall_management_center	6.2.2.5
cisco	secure_firewall_management_center	6.2.3
cisco	secure_firewall_management_center	6.2.3.1
cisco	secure_firewall_management_center	6.2.3.2
cisco	secure_firewall_management_center	6.2.3.3
cisco	secure_firewall_management_center	6.2.3.4
cisco	secure_firewall_management_center	6.2.3.5
cisco	secure_firewall_management_center	6.2.3.6
cisco	secure_firewall_management_center	6.2.3.7
cisco	secure_firewall_management_center	6.2.3.9
cisco	secure_firewall_management_center	6.2.3.10
cisco	secure_firewall_management_center	6.2.3.11
cisco	secure_firewall_management_center	6.2.3.12
cisco	secure_firewall_management_center	6.2.3.13
cisco	secure_firewall_management_center	6.2.3.14
cisco	secure_firewall_management_center	6.2.3.15
cisco	secure_firewall_management_center	6.2.3.16
cisco	secure_firewall_management_center	6.2.3.17
cisco	secure_firewall_management_center	6.2.3.18
cisco	secure_firewall_management_center	6.3.0
cisco	secure_firewall_management_center	6.3.0.1
cisco	secure_firewall_management_center	6.3.0.2
cisco	secure_firewall_management_center	6.3.0.3
cisco	secure_firewall_management_center	6.3.0.4
cisco	secure_firewall_management_center	6.3.0.5
cisco	secure_firewall_management_center	6.4.0
cisco	secure_firewall_management_center	6.4.0.1
cisco	secure_firewall_management_center	6.4.0.2
cisco	secure_firewall_management_center	6.4.0.3
cisco	secure_firewall_management_center	6.4.0.4
cisco	secure_firewall_management_center	6.4.0.5
cisco	secure_firewall_management_center	6.4.0.7
cisco	secure_firewall_management_center	6.4.0.8
cisco	secure_firewall_management_center	6.4.0.9
cisco	secure_firewall_management_center	6.4.0.10
cisco	secure_firewall_management_center	6.4.0.11
cisco	secure_firewall_management_center	6.4.0.12
cisco	secure_firewall_management_center	6.4.0.13
cisco	secure_firewall_management_center	6.4.0.14
cisco	secure_firewall_management_center	6.4.0.15
cisco	secure_firewall_management_center	6.5.0
cisco	secure_firewall_management_center	6.5.0.1
cisco	secure_firewall_management_center	6.5.0.2
cisco	secure_firewall_management_center	6.5.0.3
cisco	secure_firewall_management_center	6.5.0.4
cisco	secure_firewall_management_center	6.5.0.5
cisco	secure_firewall_management_center	6.6.0
cisco	secure_firewall_management_center	6.6.0.1
cisco	secure_firewall_management_center	6.6.1
cisco	secure_firewall_management_center	6.6.3
cisco	secure_firewall_management_center	6.6.4
cisco	secure_firewall_management_center	6.6.5
cisco	secure_firewall_management_center	6.6.5.1
cisco	secure_firewall_management_center	6.6.5.2
cisco	secure_firewall_management_center	6.6.7
cisco	secure_firewall_management_center	6.7.0
cisco	secure_firewall_management_center	6.7.0.1
cisco	secure_firewall_management_center	6.7.0.2
cisco	secure_firewall_management_center	6.7.0.3
cisco	secure_firewall_management_center	7.0.0
cisco	secure_firewall_management_center	7.0.0.1
cisco	secure_firewall_management_center	7.0.1
cisco	secure_firewall_management_center	7.0.1.1
cisco	secure_firewall_management_center	7.0.2
cisco	secure_firewall_management_center	7.0.2.1
cisco	secure_firewall_management_center	7.0.3
cisco	secure_firewall_management_center	7.0.4
cisco	secure_firewall_management_center	7.1.0
cisco	secure_firewall_management_center	7.1.0.1
cisco	secure_firewall_management_center	7.1.0.2
cisco	secure_firewall_management_center	7.2.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-LATZYzxs