Security News > 2020 > January > Cisco Patches Critical Vulnerability in Network Security Tool

Cisco Patches Critical Vulnerability in Network Security Tool
2020-01-23 20:29

A critical vulnerability in the Cisco Firepower Management Center could allow a remote attacker to bypass authentication and execute arbitrary actions on affected devices as administrator.

The issue, Cisco explains, emerges from the improper handling of Lightweight Directory Access Protocol authentication responses from an external server.

Cisco FMC is affected only if it was configured to authenticate users of the web-based management interface through an external LDAP server, Cisco explains.

Fixes were included in Cisco FMC Software versions 6.4.0.7 and 6.5.0.2.

Cisco has released software updates to address all of these flaws and affected customers are advised to apply them as soon as possible, to ensure they are protected.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/7PsYiCpRnmY/cisco-patches-critical-vulnerability-network-security-tool

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751