| Summary | A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, access arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To successfully exploit this vulnerability, an attacker would need valid credentials for a user account with policy-editing permissions, such as Network Admin, Intrusion Admin, or any custom user role with the same capabilities. |
|---|---|
| Publication Date | Oct. 24, 2024, 2:15 a.m. |
| Registration Date | Oct. 24, 2024, 5 a.m. |
| Last Update | Oct. 25, 2024, 9:56 p.m. |
| Title | シスコシステムズの Cisco Secure Firewall Management Center におけるクロスサイトスクリプティングの脆弱性 |
|---|---|
| Summary | シスコシステムズの Cisco Secure Firewall Management Center には、クロスサイトスクリプティングの脆弱性が存在します。 |
| Possible impacts | 情報を取得される、および情報を改ざんされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Oct. 23, 2024, midnight |
| Registration Date | Aug. 6, 2025, 3:07 p.m. |
| Last Update | Aug. 6, 2025, 3:07 p.m. |
| シスコシステムズ |
| Cisco Secure Firewall Management Center 6.2.3 |
| Cisco Secure Firewall Management Center 6.2.3.1 |
| Cisco Secure Firewall Management Center 6.2.3.10 |
| Cisco Secure Firewall Management Center 6.2.3.11 |
| Cisco Secure Firewall Management Center 6.2.3.12 |
| Cisco Secure Firewall Management Center 6.2.3.13 |
| Cisco Secure Firewall Management Center 6.2.3.14 |
| Cisco Secure Firewall Management Center 6.2.3.15 |
| Cisco Secure Firewall Management Center 6.2.3.16 |
| Cisco Secure Firewall Management Center 6.2.3.17 |
| Cisco Secure Firewall Management Center 6.2.3.18 |
| Cisco Secure Firewall Management Center 6.2.3.2 |
| Cisco Secure Firewall Management Center 6.2.3.3 |
| Cisco Secure Firewall Management Center 6.2.3.4 |
| Cisco Secure Firewall Management Center 6.2.3.5 |
| Cisco Secure Firewall Management Center 6.2.3.6 |
| Cisco Secure Firewall Management Center 6.2.3.7 |
| Cisco Secure Firewall Management Center 6.2.3.8 |
| Cisco Secure Firewall Management Center 6.2.3.9 |
| Cisco Secure Firewall Management Center 6.4.0 |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2025年08月06日] 掲載 | Aug. 6, 2025, 11:14 a.m. |