CNVD-2024-43201 — Vulnetix

CNVD-2024-43201 PUBLISHED CVSS 4.800000190734863 MEDIUM

Cisco Firepower Management Center（FMC）是美国思科（Cisco）公司的新一代防火墙管理中心软件。 Cisco Firepower Management Center存在跨站脚本漏洞，该漏洞源于Web管理界面对用户提供的输入未进行充分验证，攻击者可利用该漏洞执行任意脚本代码，访问基于浏览器的敏感信息。

Risk Scores

CVSS v3.1

4.800000190734863

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Cisco	Cisco Firepower Management Center	7.1.0, 7.1.0.1, 7.2.0

Timeline

Oct 23, 2024 CVE Published
Oct 23, 2024 PoC Published

References

cisco-sa-fmc-xss-dhJxQYZs url
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO url
Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication url

Open in Interactive Console →