{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20403", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.660Z", "datePublished": "2024-10-23T17:36:14.821Z", "dateUpdated": "2024-10-24T17:47:15.288Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-10-23T17:36:14.821Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Management Center", "versions": [{"version": "6.2.3", "status": "affected"}, {"version": "6.2.3.1", "status": "affected"}, {"version": "6.2.3.2", "status": "affected"}, {"version": "6.2.3.3", "status": "affected"}, {"version": "6.2.3.4", "status": "affected"}, {"version": "6.2.3.5", "status": "affected"}, {"version": "6.2.3.6", "status": "affected"}, {"version": "6.2.3.7", "status": "affected"}, {"version": "6.2.3.9", "status": "affected"}, {"version": "6.2.3.10", "status": "affected"}, {"version": "6.2.3.11", "status": "affected"}, {"version": "6.2.3.12", "status": "affected"}, {"version": "6.2.3.13", "status": "affected"}, {"version": "6.2.3.14", "status": "affected"}, {"version": "6.2.3.15", "status": "affected"}, {"version": "6.2.3.8", "status": "affected"}, {"version": "6.2.3.16", "status": "affected"}, {"version": "6.2.3.17", "status": "affected"}, {"version": "6.2.3.18", "status": "affected"}, {"version": "6.4.0", "status": "affected"}, {"version": "6.4.0.1", "status": "affected"}, {"version": "6.4.0.3", "status": "affected"}, {"version": "6.4.0.2", "status": "affected"}, {"version": "6.4.0.4", "status": "affected"}, {"version": "6.4.0.5", "status": "affected"}, {"version": "6.4.0.6", "status": "affected"}, {"version": "6.4.0.7", "status": "affected"}, {"version": "6.4.0.8", "status": "affected"}, {"version": "6.4.0.9", "status": "affected"}, {"version": "6.4.0.10", "status": "affected"}, {"version": "6.4.0.11", "status": "affected"}, {"version": "6.4.0.12", "status": "affected"}, {"version": "6.4.0.13", "status": "affected"}, {"version": "6.4.0.14", "status": "affected"}, {"version": "6.4.0.15", "status": "affected"}, {"version": "6.4.0.16", "status": "affected"}, {"version": "6.4.0.17", "status": "affected"}, {"version": "6.4.0.18", "status": "affected"}, {"version": "6.6.0", "status": "affected"}, {"version": "6.6.0.1", "status": "affected"}, {"version": "6.6.1", "status": "affected"}, {"version": "6.6.3", "status": "affected"}, {"version": "6.6.4", "status": "affected"}, {"version": "6.6.5", "status": "affected"}, {"version": "6.6.5.1", "status": "affected"}, {"version": "6.6.5.2", "status": "affected"}, {"version": "6.6.7", "status": "affected"}, {"version": "6.6.7.1", "status": "affected"}, {"version": "6.6.7.2", "status": "affected"}, {"version": "6.7.0", "status": "affected"}, {"version": "6.7.0.1", "status": "affected"}, {"version": "6.7.0.2", "status": "affected"}, {"version": "6.7.0.3", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "7.0.4", "status": "affected"}, {"version": "7.0.5", "status": "affected"}, {"version": "7.0.6", "status": "affected"}, {"version": "7.0.6.1", "status": "affected"}, {"version": "7.0.6.2", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}, {"version": "7.1.0.3", "status": "affected"}, {"version": "7.2.0", "status": "affected"}, {"version": "7.2.1", "status": "affected"}, {"version": "7.2.2", "status": "affected"}, {"version": "7.2.0.1", "status": "affected"}, {"version": "7.2.3", "status": "affected"}, {"version": "7.2.3.1", "status": "affected"}, {"version": "7.2.4", "status": "affected"}, {"version": "7.2.4.1", "status": "affected"}, {"version": "7.2.5", "status": "affected"}, {"version": "7.2.5.1", "status": "affected"}, {"version": "7.2.6", "status": "affected"}, {"version": "7.2.7", "status": "affected"}, {"version": "7.2.5.2", "status": "affected"}, {"version": "7.2.8", "status": "affected"}, {"version": "7.2.8.1", "status": "affected"}, {"version": "7.3.0", "status": "affected"}, {"version": "7.3.1", "status": "affected"}, {"version": "7.3.1.1", "status": "affected"}, {"version": "7.3.1.2", "status": "affected"}, {"version": "7.4.0", "status": "affected"}, {"version": "7.4.1", "status": "affected"}, {"version": "7.4.1.1", "status": "affected"}, {"version": "7.4.2", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "cwe", "cweId": "CWE-79"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs", "name": "cisco-sa-fmc-xss-dhJxQYZs"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "baseScore": 4.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "source": {"advisory": "cisco-sa-fmc-xss-dhJxQYZs", "discovery": "INTERNAL", "defects": ["CSCwi85823"]}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-23T18:39:49.726716Z", "id": "CVE-2024-20403", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-24T17:47:15.288Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20403", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-23T18:39:49.726716Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-23T18:51:44.914Z"}}], "cna": {"source": {"defects": ["CSCwi85823"], "advisory": "cisco-sa-fmc-xss-dhJxQYZs", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Management Center", "versions": [{"status": "affected", "version": "6.2.3"}, {"status": "affected", "version": "6.2.3.1"}, {"status": "affected", "version": "6.2.3.2"}, {"status": "affected", "version": "6.2.3.3"}, {"status": "affected", "version": "6.2.3.4"}, {"status": "affected", "version": "6.2.3.5"}, {"status": "affected", "version": "6.2.3.6"}, {"status": "affected", "version": "6.2.3.7"}, {"status": "affected", "version": "6.2.3.9"}, {"status": "affected", "version": "6.2.3.10"}, {"status": "affected", "version": "6.2.3.11"}, {"status": "affected", "version": "6.2.3.12"}, {"status": "affected", "version": "6.2.3.13"}, {"status": "affected", "version": "6.2.3.14"}, {"status": "affected", "version": "6.2.3.15"}, {"status": "affected", "version": "6.2.3.8"}, {"status": "affected", "version": "6.2.3.16"}, {"status": "affected", "version": "6.2.3.17"}, {"status": "affected", "version": "6.2.3.18"}, {"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.4.0.1"}, {"status": "affected", "version": "6.4.0.3"}, {"status": "affected", "version": "6.4.0.2"}, {"status": "affected", "version": "6.4.0.4"}, {"status": "affected", "version": "6.4.0.5"}, {"status": "affected", "version": "6.4.0.6"}, {"status": "affected", "version": "6.4.0.7"}, {"status": "affected", "version": "6.4.0.8"}, {"status": "affected", "version": "6.4.0.9"}, {"status": "affected", "version": "6.4.0.10"}, {"status": "affected", "version": "6.4.0.11"}, {"status": "affected", "version": "6.4.0.12"}, {"status": "affected", "version": "6.4.0.13"}, {"status": "affected", "version": "6.4.0.14"}, {"status": "affected", "version": "6.4.0.15"}, {"status": "affected", "version": "6.4.0.16"}, {"status": "affected", "version": "6.4.0.17"}, {"status": "affected", "version": "6.4.0.18"}, {"status": "affected", "version": "6.6.0"}, {"status": "affected", "version": "6.6.0.1"}, {"status": "affected", "version": "6.6.1"}, {"status": "affected", "version": "6.6.3"}, {"status": "affected", "version": "6.6.4"}, {"status": "affected", "version": "6.6.5"}, {"status": "affected", "version": "6.6.5.1"}, {"status": "affected", "version": "6.6.5.2"}, {"status": "affected", "version": "6.6.7"}, {"status": "affected", "version": "6.6.7.1"}, {"status": "affected", "version": "6.6.7.2"}, {"status": "affected", "version": "6.7.0"}, {"status": "affected", "version": "6.7.0.1"}, {"status": "affected", "version": "6.7.0.2"}, {"status": "affected", "version": "6.7.0.3"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.0.6"}, {"status": "affected", "version": "7.0.6.1"}, {"status": "affected", "version": "7.0.6.2"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.3.1"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.2.4.1"}, {"status": "affected", "version": "7.2.5"}, {"status": "affected", "version": "7.2.5.1"}, {"status": "affected", "version": "7.2.6"}, {"status": "affected", "version": "7.2.7"}, {"status": "affected", "version": "7.2.5.2"}, {"status": "affected", "version": "7.2.8"}, {"status": "affected", "version": "7.2.8.1"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}, {"status": "affected", "version": "7.4.0"}, {"status": "affected", "version": "7.4.1"}, {"status": "affected", "version": "7.4.1.1"}, {"status": "affected", "version": "7.4.2"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs", "name": "cisco-sa-fmc-xss-dhJxQYZs"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-10-23T17:36:14.821Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20403", "state": "PUBLISHED", "dateUpdated": "2024-10-24T17:47:15.288Z", "dateReserved": "2023-11-08T15:08:07.660Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-10-23T17:36:14.821Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.4.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "9A95D8B6-2D90-4EA8-B468-356EB396A273", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.4.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "1CDEF2CC-D485-4E66-9818-7C9740F37840", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D748B16-1C2A-4E00-807F-647569C271D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "62950A6C-8467-4215-BCD1-010B8C491714", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "6D97494F-BA89-4E95-A01F-C2CE02505A27", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4BB537CA-0E37-471E-8DD3-7710A443224A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9022BCA-EDBF-4FD1-B427-573CA07E5134", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "23BA0BE4-B06D-45AE-9C9D-280F1BFA7EDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3B79ABCC-C95B-45AB-BE9D-454BD8174651", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "A4FD7D25-704B-47EB-AF36-DC684AD07807", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "3D33E431-39F5-4F73-99A1-19A05A594C90", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "579DC0CE-1CEA-449F-BF76-AD7087573ACD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "EB3E28C0-675B-4C30-B248-BE1EB5E961C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2C7E7A89-A9CA-45DA-8378-A50B1F9D260E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "C02BEA3A-9ED1-4888-B6CF-A38D846E6549", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "6175407A-207E-4844-B150-EA0129C4CBBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "45B6E615-F42A-468F-8E40-AD28994B4B1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "C4B08264-DA65-4BFF-A973-FF733C7325B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "CE2A5330-8180-48CE-B22A-1CF24B7B1631", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ACC1D72F-9542-4A62-AA90-C0E6B2095068", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "E4F3A97A-3359-40C7-95B0-2AB41C067141", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "B68BA14B-1752-4F05-9331-D556247462C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "1DE72ABB-B573-43CC-A2AC-D81807970BD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "535E8ECF-5CE5-4E78-A9EF-6167F4C59C45", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "3AE3F1C4-8C7A-48AA-83E5-6F832FA94DD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "C40B7DC8-220C-4C34-A370-F1EB4B3F9EF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "5DB186DC-6C03-4868-8218-06BEFC0CE400", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "B29670B8-F2D3-46D7-8F34-F44B320DD6FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "2F04DDF5-2058-4208-A608-3673872450EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "C9A483AC-A8CF-439C-9009-4DFAB0484BCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "94E7D836-46E5-4CD5-8BDC-4697D915FE05", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.16:*:*:*:*:*:*:*", "matchCriteriaId": "06220CB8-7F16-4D3C-A835-558D5F4D97ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.17:*:*:*:*:*:*:*", "matchCriteriaId": "82917F5C-CF20-4D97-A981-FE3F8476CCFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3.18:*:*:*:*:*:*:*", "matchCriteriaId": "47E42025-1D1E-4390-AC21-9A1B0FBE8D82", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "52651664-CA65-4812-8226-E104E1BE7864", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "64E0FDB2-D5A4-4749-A182-B0B145DC00D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "23B58490-C403-44D5-BDB9-88FAD19ABC2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "DE33A280-84E4-4B5B-AB31-7A78754413F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "BA3F9410-02E1-4FE9-9A4B-E504515F4615", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8AAAF924-1ADE-4267-9957-DF060D1D3538", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "4D02863A-1355-4FFE-A6BD-C912697774A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "704E4D3D-D1D2-48D8-A68C-227CC92A1C1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "80A3D0F1-DA29-4A66-A698-082DB0CFA4B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "C6B9B536-ADF9-4CE1-86EC-07BCDD65FB92", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "1755E718-C726-442B-B203-E9536C546DF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "AB80FC39-0FCE-49F7-9A28-CE733DBB3572", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "F61496C8-9ADE-4A4E-9788-447050691727", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "E0780AD6-4F38-4400-AA63-E41879F74B68", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "86BA5BA6-1F79-4C89-A3F4-A56E2B664AED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "52C7994F-AA17-467B-919E-A49F0CC9DB47", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "9F007F6B-1EAA-468C-8159-78B020DF1E58", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "81F9AF68-70BD-46DE-B7F2-97C9BD5182A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1D808CD-B030-4334-A286-9B3A1D35C61D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "0DFE9115-3E32-4A55-AB5A-83513322FE97", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "09BD6616-B2B9-49B1-AD20-9B13D93C8F2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "35A9634E-FCF4-4C67-A463-6BA5F63DD2A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2D8CF5AA-7B41-4E98-8E7E-A399AAA510B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "8452BA9A-F56C-48E0-BDBA-9095AF78F521", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B2CE3B06-353C-4623-9EF4-78814DCB0D7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "FD968EA0-616D-4A22-A15D-C66918E71761", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "BE45FF20-1E52-46B6-9B38-07E5A6D6FD6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "978284EE-8BE8-43ED-ADA0-B90151D83EA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0BA140F9-4706-4B05-826E-962A277E625A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5E7D3C93-B0FC-475E-9CCA-AA8A2101781D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "270CA092-1AF1-48D4-8695-E7DB694969C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFA94312-376E-4785-888F-3C07612E1DF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "29E73FBF-2579-4660-AFFA-7F9607004226", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "87FAAFFB-0589-441B-8289-8B8A6E18F705", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "73B92119-793D-4A43-A056-24DB6826E759", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "093A0BC2-037C-463F-AFC5-EF11C2954EAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B881B8DF-A96D-4B64-B98A-71F0D3388641", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "F6A97625-D39C-42D5-89E4-415A868A0972", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "5E4D83B4-9697-4071-AC9F-7ADC86A6B529", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A58A2DA5-3EE7-408D-AAFA-82330F0325B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7FA98EEC-2059-4CA9-92F1-72C1E0BB7EC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F4C51EE7-866B-410C-B75E-EF260D5062B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F1FFD07-B874-4D3C-8E2C-9A204F1E994E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB5ACB9E-86AF-4EC1-9F36-A202429CD0F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "AD1E4527-AAE2-4DA9-AFDA-6375839F7843", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2F0AF047-EAE9-4C77-BCEF-5CB26F84C742", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "2ED03874-4071-4382-8A46-8B3A59E601FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF84E043-DF3C-4A95-8FDA-B0FDCD795377", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B9498087-9642-4A86-B3EE-1513C55A86E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "36C229AB-2851-48D4-815A-63AAB4462A24", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6DA4BCFC-8237-4F5C-9863-523EE7D8619B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "07693A92-7D84-45A1-ACD6-D83AE41D504B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D401072-6709-4921-8918-720F28D61E24", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C0EA3467-4205-4C41-AF24-689330F7396B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9BE94E38-5F29-4AE1-8129-7F7582C2CC75", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FEF603AD-D69B-4DD8-A7F4-6BEFD355EF29", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando una entrada manipulada en varios campos de datos en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador."}], "id": "CVE-2024-20403", "lastModified": "2024-11-26T16:09:02.407", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-10-23T18:15:08.193", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}