CVE-2021-1369 — XML External Entity (XXE) Injection in Cisco Firepower Device Manager
Severity
5.4 MEDIUM (NVD)
EPSS
0.5%
top 32.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Apr 29
Latest update: May 24
Description
A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by sending malicious requests that contain references in XML entities to an affected system. A successful exploit coul…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Exploitability: 2.8 | Impact: 2.5
Affected Packages: 2 packages
Vulnerability Details: 2
Vendor Advisories: 1
Threat Intelligence: 1
Talos
Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows (2021-10-12)