TL;DR 📌

A denial of service (DoS) vulnerability has been identified in the Remote Access SSL VPN service for Cisco Secure Firewall ASA and FTD Software. This flaw could allow an authenticated attacker to cause the device to reload unexpectedly. Cisco has released updates to address this issue, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software has been discovered. This vulnerability arises from incomplete error checking when parsing an HTTP header field value. An authenticated attacker could exploit this by sending a crafted HTTP request, leading to an unexpected device reload and resulting in a denial of service (DoS) condition.

TL;DR 📌

Multiple vulnerabilities have been identified in the Cisco Secure Firewall Management Center (FMC) Software that could allow authenticated, low-privileged remote attackers to access unauthorized files. The highest CVSS score for these vulnerabilities is 6.5, indicating a medium level of risk. Software updates are available to address these issues, but there are no workarounds.

What happened 🕵️‍♂️

Cisco has disclosed multiple vulnerabilities in the web-based management interface of the Cisco Secure Firewall Management Center (FMC) Software. These vulnerabilities could allow an authenticated, low-privileged remote attacker to access files they are not authorized to view, including troubleshoot files and generated reports from different domains managed on the same FMC instance. The vulnerabilities stem from missing authorization checks.

TL;DR 📌

A command injection vulnerability has been identified in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software. This flaw allows authenticated attackers with Administrator-level privileges to execute arbitrary commands on the underlying operating system. The highest CVSS score for this vulnerability is 4.9, classified as Medium severity. No workarounds are available, and software updates have been released to address the issue.

TL;DR 📌

A command injection vulnerability has been identified in Cisco Secure Firewall Management Center (FMC) and Secure Firewall Threat Defense (FTD) Software. This medium-severity issue allows authenticated local attackers to execute arbitrary commands on the underlying operating system. Cisco has released software updates to address this vulnerability, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the command-line interface (CLI) of Cisco Secure Firewall Management Center (FMC) and Secure Firewall Threat Defense (FTD) Software has been discovered. This flaw arises from improper input validation for specific CLI commands, enabling an authenticated local attacker to inject operating system commands. If exploited, the attacker could escape the restricted command prompt and execute arbitrary commands as root on the underlying operating system. Successful exploitation requires valid Administrator credentials.

TL;DR 📌

A high-severity HTML injection vulnerability has been identified in the Cisco Secure Firewall Management Center (FMC) Software. This flaw allows authenticated remote attackers to inject arbitrary HTML content into device-generated documents, potentially leading to sensitive information exposure. Cisco has released updates to address this issue, but there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability arises from improper validation of user-supplied data. An attacker with valid credentials (at least Security Analyst role) could exploit this vulnerability to alter document layouts, read arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks.

TL;DR 📌

A critical vulnerability has been identified in the Cisco Secure Firewall Management Center (FMC) Software that allows unauthenticated remote code execution via the RADIUS subsystem. This vulnerability has a CVSS score of 10.0, indicating a severe risk. Immediate action is required to patch affected systems.

What happened 🕵️‍♂️

A vulnerability in the RADIUS subsystem of Cisco Secure FMC Software could allow an unauthenticated, remote attacker to execute arbitrary shell commands on the device. This issue arises from improper handling of user input during the authentication phase. Exploitation requires that RADIUS authentication is configured for the web-based management interface, SSH management, or both.

TL;DR 📌

A medium-severity XPATH injection vulnerability has been identified in the Cisco Secure Firewall Management Center (FMC) Software, allowing authenticated attackers to retrieve sensitive information. There are no workarounds available, and users are advised to apply the necessary software updates.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software has been discovered. This vulnerability arises from insufficient input validation, enabling an authenticated remote attacker to send crafted requests to the management interface. Successful exploitation could lead to the retrieval of sensitive information from the affected device. Importantly, the attacker must possess valid administrative credentials to exploit this vulnerability.

TL;DR 📌

A medium severity cross-site scripting (XSS) vulnerability has been identified in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software. This flaw could allow unauthenticated remote attackers to execute arbitrary scripts in the context of the interface. There are no workarounds available, but Cisco has released software updates to address this issue.

What happened 🕵️‍♂️

Cisco has reported a vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software. This vulnerability arises from insufficient validation of user-supplied input, allowing attackers to execute arbitrary script code or access sensitive browser-based information through crafted input.

TL;DR 📌

A denial of service (DoS) vulnerability has been identified in the Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Software for the Firepower 2100 Series. This vulnerability allows unauthenticated remote attackers to cause a device reload by sending specially crafted IPv6 packets over an IPsec VPN connection. Cisco has released software updates to address this issue, but there are no workarounds available.

TL;DR 📌

A high-severity denial of service (DoS) vulnerability has been identified in the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense Software. An unauthenticated remote attacker can exploit this issue, leading to potential service disruptions. Cisco has released software updates to address this vulnerability, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition on affected devices. This issue arises from incorrect processing of traffic being inspected, which can lead to an infinite loop during traffic inspection. Although the system watchdog will automatically restart the Snort process, the vulnerability poses a significant risk of service interruption.