Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
Severity
9.9 CRITICAL
EPSS
4.3%
top 11.18%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published: Nov 1
Latest update: Mar 12

Description

A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services int

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H
Exploitability: 3.1 | Impact: 6.0

Affected Packages (2 packages)

CVEListV5: cisco/cisco_firepower_management_center (72 versions, +71 more)
NVD: cisco/secure_firewall_management_center 6.2.3 to 6.2.3.18 (+7 more)

🔴Vulnerability Details (2)

CVEList: CVE-2023-20048: A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to exe (2023-11-01)
GHSA: GHSA-jg9m-wr8w-vhxv: A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to exe (2023-11-01)

💥Exploits & PoCs (1)

Exploit-DB: Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE (2024-03-12)

📋Vendor Advisories (1)

Cisco: Cisco Firepower Management Center Software Command Injection Vulnerability (2023-11-01)
CVE-2023-20048 (CRITICAL CVSS 9.9) | A vulnerability in the web services | cvebase.io