CVE-2021-34750

CWE-3174 documents4 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 59.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Cisco Firepower Management Center
Timeline
PublishedNov 15

Description

A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device. This vulnerability is due to lack of proper encryption of sensitive information stored within the GUI configuration manager. An attacker could exploit this vulnerability by logging into the FMC GUI and navigatin

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerability2024-11-15
GHSA
GHSA-g3v8-p89r-mf62: A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software could allow an authenticated,2024-11-15

📋Vendor Advisories

1
Cisco
Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerabilities2021-10-27
CVE-2021-34750 (MEDIUM CVSS 4.3) | A vulnerability in the administrati | cvebase.io