ID

VAR-202204-1936


CVE

CVE-2022-20743


TITLE

Cisco Firepower Management Center  Unrestricted Upload of Dangerous File Types Vulnerability in Software

Trust: 0.8

sources: JVNDB: JVNDB-2022-010238

DESCRIPTION

A vulnerability in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to bypass security protections and upload malicious files to the affected system. This vulnerability is due to improper validation of files uploaded to the web management interface of Cisco FMC Software. An attacker could exploit this vulnerability by uploading a maliciously crafted file to a device running affected software. A successful exploit could allow the attacker to store malicious files on the device, which they could access later to conduct additional attacks, including executing arbitrary code on the affected device with root privileges. (DoS) It may be in a state. Cisco Firepower Management Center (FMC) is a new generation of firewall management center software from Cisco. There are no workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-security-bypass-JhOd29Gg This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication

Trust: 1.8

sources: NVD: CVE-2022-20743 // JVNDB: JVNDB-2022-010238 // VULHUB: VHN-405296 // VULMON: CVE-2022-20743

AFFECTED PRODUCTS

vendor:ciscomodel:firepower management centerscope:ltversion:7.1.0.1

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:gteversion:7.1.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:ltversion:6.4.0.15

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:ltversion:7.0.2

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:gteversion:6.7.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:ltversion:6.6.5.2

Trust: 1.0

vendor:シスコシステムズmodel:cisco firepower management centerscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower management centerscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-010238 // NVD: CVE-2022-20743

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20743
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20743
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-20743
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202204-4509
value: HIGH

Trust: 0.6

VULHUB: VHN-405296
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-20743
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-405296
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20743
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20743
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-20743
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405296 // JVNDB: JVNDB-2022-010238 // CNNVD: CNNVD-202204-4509 // NVD: CVE-2022-20743 // NVD: CVE-2022-20743

PROBLEMTYPE DATA

problemtype:CWE-434

Trust: 1.1

problemtype:Unlimited uploads of dangerous types of files (CWE-434) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-405296 // JVNDB: JVNDB-2022-010238 // NVD: CVE-2022-20743

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4509

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202204-4509

PATCH

title:cisco-sa-fmc-security-bypass-JhOd29Ggurl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-security-bypass-JhOd29Gg

Trust: 0.8

title:Cisco Firepower Management Center Fixes for code issue vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=191926

Trust: 0.6

title:Cisco: Cisco Firepower Management Center File Upload Security Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-fmc-security-bypass-JhOd29Gg

Trust: 0.1

sources: VULMON: CVE-2022-20743 // JVNDB: JVNDB-2022-010238 // CNNVD: CNNVD-202204-4509

EXTERNAL IDS

db:NVDid:CVE-2022-20743

Trust: 3.4

db:JVNDBid:JVNDB-2022-010238

Trust: 0.8

db:CS-HELPid:SB2022042809

Trust: 0.6

db:AUSCERTid:ESB-2022.1905

Trust: 0.6

db:CNNVDid:CNNVD-202204-4509

Trust: 0.6

db:CNVDid:CNVD-2022-43399

Trust: 0.1

db:VULHUBid:VHN-405296

Trust: 0.1

db:VULMONid:CVE-2022-20743

Trust: 0.1

sources: VULHUB: VHN-405296 // VULMON: CVE-2022-20743 // JVNDB: JVNDB-2022-010238 // CNNVD: CNNVD-202204-4509 // NVD: CVE-2022-20743

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-fmc-security-bypass-jhod29gg

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-20743

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2022042809

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1905

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-20743/

Trust: 0.6

sources: VULHUB: VHN-405296 // VULMON: CVE-2022-20743 // JVNDB: JVNDB-2022-010238 // CNNVD: CNNVD-202204-4509 // NVD: CVE-2022-20743

SOURCES

db:VULHUBid:VHN-405296
db:VULMONid:CVE-2022-20743
db:JVNDBid:JVNDB-2022-010238
db:CNNVDid:CNNVD-202204-4509
db:NVDid:CVE-2022-20743

LAST UPDATE DATE

2024-08-14T14:55:29.201000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405296date:2022-05-09T00:00:00
db:JVNDBid:JVNDB-2022-010238date:2023-08-14T05:30:00
db:CNNVDid:CNNVD-202204-4509date:2022-05-10T00:00:00
db:NVDid:CVE-2022-20743date:2023-11-07T03:42:49.077

SOURCES RELEASE DATE

db:VULHUBid:VHN-405296date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2022-010238date:2023-08-14T00:00:00
db:CNNVDid:CNNVD-202204-4509date:2022-04-27T00:00:00
db:NVDid:CVE-2022-20743date:2022-05-03T04:15:09.377