CVE-2022-20918 — Improper Access Control in Cisco Secure Firewall Management Center

CWE-284 — Improper Access Control CWE-287 — Improper Authentication CWE-269 — Improper Privilege Management4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.8%

top 26.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Secure Firewall Management Center Cisco Firepower Management Center Cisco Firepower Services Software FOR ASA

Timeline

PublishedNov 15

Latest updateNov 16

Description

A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center (FMC) Software, and Cisco Next-Generation Intrusion Prevention System (NGIPS) Software could allow an unauthenticated, remote attacker to perform an SNMP GET request using a default credential. This vulnerability is due to the presence of a default credential for SNMP version 1 (SNMPv1) and SNMP ver…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5cisco/cisco_firepower_management_center8 versions+7

▶CVEListV5cisco/cisco_firepower_services_software_for_asaN/A

▶NVDcisco/secure_firewall_management_center7.0.0 — 7.0.5

🔴Vulnerability Details

GHSA

GHSA-2cx7-566f-cvrr: A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) Fi↗2022-11-16

▶

CVEList

CVE-2022-20918: A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) Fi↗2022-11-10

▶

📋Vendor Advisories

Cisco

Cisco FirePOWER Software for ASA FirePOWER Module, Firepower Management Center Software, and NGIPS Software SNMP Default Credential Vulnerability↗2022-11-09

▶