CVE-2019-12691Path Traversal in Cisco Firepower Management Center

CWE-22Path Traversal4 documents4 sources
Severity
4.9MEDIUMNVD
EPSS
0.1%
top 80.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Firepower Management CenterCisco Secure Firewall Management Center
Timeline
PublishedOct 2
Latest updateMay 24

Description

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass Cisco FMC Soft

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5cisco/cisco_firepower_management_centerunspecifiedn/a

🔴Vulnerability Details

2
GHSA
GHSA-m4rx-55j5-4p43: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacke2022-05-24
CVEList
Cisco Firepower Management Center Directory Traversal Vulnerability2019-10-02

📋Vendor Advisories

1
Cisco
Cisco Firepower Management Center Directory Traversal Vulnerability2019-10-02
CVE-2019-12691 — Path Traversal in Cisco | cvebase