CVE-2022-20938 — XML External Entity (XXE) Injection in Cisco Firepower Management Center

CWE-611 — XML External Entity (XXE) Injection4 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.1%

top 67.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Management Center Cisco Secure Firewall Management Center

Timeline

PublishedNov 15

Latest updateNov 16

Description

A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view sensitive information. This vulnerability is due to insufficient validation of the XML syntax when importing a module. An attacker could exploit this vulnerability by supplying a specially crafted XML file to the function. A successful exploit could allow the attacker to read sensitive data that would normally not …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5cisco/cisco_firepower_management_center58 versions+57

▶NVDcisco/secure_firewall_management_center92 versions+91

🔴Vulnerability Details

GHSA

GHSA-3qwc-gvhp-6f85: A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authe↗2022-11-16

▶

CVEList

CVE-2022-20938: A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authe↗2022-11-10

▶

📋Vendor Advisories

Cisco

Cisco Firepower Management Center Software XML External Entity Injection Vulnerability↗2022-11-09

▶