CNVD-2024-44492 — Vulnetix

CNVD-2024-44492 PUBLISHED CVSS 5.400000095367432 MEDIUM

Cisco Firepower Management Center是美国思科（Cisco）公司的新一代防火墙管理中心软件。 Cisco Firepower Management Center WEB接口存在跨站脚本漏洞，远程攻击者可利用该漏洞注入恶意脚本或HTML代码，当恶意数据被查看时，可获取敏感信息或劫持用户会话。

Risk Scores

CVSS v3.1

5.400000095367432

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Cisco	Cisco Firepower Management Center	6.2.3, 6.2.3.1, 6.2.3.2

Timeline

Oct 23, 2024 CVE Published
Oct 23, 2024 PoC Published
Oct 28, 2024 CVE ID Reserved

References

cisco-sa-fmc-xss-dhJxQYZs url

Open in Interactive Console →