Main Vulnerability Database SB2024052717

SB2024052717 - Access Control List Bypass in Cisco Firepower Management Center

Published: May 27, 2024

Security Bulletin ID SB2024052717

CSH Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-20361)

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to bypass configured access controls.

The vulnerability exists due to the incorrect deployment of the Object Groups for Access Control Lists (ACLs) feature from Cisco FMC Software to managed FTD devices in high-availability setups. A remote attacker can bypass configured access controls and send traffic to devices that are expected to be protected by the affected device.

Remediation

Install update from vendor's website.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-object-bypass-fTH8tDjq