A critical flaw in the Cisco Firepower Management Center (FMC) could let a remote attacker avoid verification and perform random actions on affected devices as administrator.
Cisco explains that the issue arises from the unsuitable treatment of Lightweight Directory Access Protocol (LDAP) verification responses from an external server. Therefore, an attacker could send crafted HTTP requests to an impacted device and obtain administrative access to the web-based management interface.
Cisco FMC is impacted only if it was configured to validate users of the web-based management interface through an external LDAP server.
Tracked as CVE-2019-16028, the flaw features a CVSS score of 9.8.
Repairs were included in Cisco FMC Software versions 22.214.171.124 and 126.96.36.199. The company also seeks to issue fixes for versions 6.2.3 (188.8.131.52) and 6.3.0 (184.108.40.206) in February and May 2020, respectively.
This week, Cisco also issued 7 patches for 8 High severity flaws affecting Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software; IOS XE SD-WAN Software; SD-WAN Solution vManage software, Smart Software Manager On-Prem, and IOS XR Software.
Successful misuse of these vulnerabilites could lead to directory traversal attacks, unsanctioned access to compromised devices, privilege escalation, and denial of service (DoS).
Cisco has issued software updates to deal with all of these faults and impacted customers are directed to apply them as soon as possible, to guarantee they are protected.
The company says that it doesn’t know of any “public announcements or malicious use” of these susceptibilities.