Information disclosure in Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC) - CVE-2018-0278
Published: May 7, 2018
Vulnerability identifier: #VU12384
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-0278
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC)
Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC)
Detailed vulnerability description
The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information on the target system.
The weakness exists in the management console due to improper cross-origin domain protections for the WebSocket protocol. A remote attacker can trick the victim into visiting a malicious website designed to send requests while the user is logged into the application with an active session cookie and retrieve policy or configuration information.
The weakness exists in the management console due to improper cross-origin domain protections for the WebSocket protocol. A remote attacker can trick the victim into visiting a malicious website designed to send requests while the user is logged into the application with an active session cookie and retrieve policy or configuration information.
How to mitigate CVE-2018-0278
Install update from vendor's website.