CVE-2021-34751

CWE-3174 documents4 sources

Severity

4.3MEDIUM

EPSS

0.2%

top 59.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Secure Firewall Management Center Cisco Cisco Firepower Management Center

Timeline

PublishedNov 15

Description

A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device. This vulnerability exists because of improper encryption of sensitive information stored within the GUI configuration manager. An attacker could exploit this vulnerability by logging into the GUI of Cisco …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5cisco/cisco_firepower_management_centerN/A

▶NVDcisco/secure_firewall_management_center6.5.0 — 6.6.5.1+3

🔴Vulnerability Details

CVEList

Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerability↗2024-11-15

▶

GHSA

GHSA-95xp-3pj7-m5fh: A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center (FMC) Software could allow an authentic↗2024-11-15

▶

📋Vendor Advisories

Cisco

Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerabilities↗2021-10-27

▶