CNVD-2024-43205 — Vulnetix

CNVD-2024-43205 PUBLISHED CVSS 4.800000190734863 MEDIUM

Cisco Firepower Management Center（FMC）是美国思科（Cisco）公司的新一代防火墙管理中心软件。 Cisco Firepower Management Center存在跨站脚本漏洞，该漏洞源于Web管理界面对用户提供的输入未进行充分验证，攻击者可利用该漏洞执行任意脚本代码，访问基于浏览器的敏感信息。

Risk Scores

CVSS 3.1

4.800000190734863

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Cisco	Cisco Firepower Management Center	6.2.3, 6.2.3.1, 6.2.3.2

Exploit Intelligence

CIRCL seen: CVE-2024-20403 (circl-sighting)
cisco-sa-fmc-xss-dhJxQYZs (circl)

Timeline

Oct 23, 2024 CVE Published
Oct 23, 2024 PoC Published
Oct 30, 2024 CVE ID Reserved

References

cisco-sa-fmc-xss-dhJxQYZs url

Open in Interactive Console →