CVE-2021-34750

Summary

CVE-2021-34750 is a vulnerability affecting the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software. This issue allows authenticated, remote attackers with low privilege credentials to access sensitive configuration information in clear text, thanks to insufficient encryption. An attacker can exploit this by logging into the FMC GUI and navigating to specific configurations. No workarounds are available, and Cisco has issued software updates to mitigate the risk. [ [Source: Cisco Security Advisory Bundled Publication, October 2021] Authenticated attackers with low privilege credentials can exploit a lack of proper encryption in the Cisco Firepower Management Center Software's GUI configuration manager (CVE-2021-34750) to gain access to sensitive configuration information in clear text. An attacker could potentially view sensitive parameters by logging into the FMC GUI and navigating to certain sections. No workaround exists, and Cisco has released patches to address the vulnerability. [ [Source: Cisco Security Advisory, October 2021] In the Cisco Firepower Management Center Software (CVE-2021-34750), an attacker with low privilege credentials can access sensitive configuration information through the administrative web-based GUI configuration manager due to insufficient encryption. This vulnerability enables the attacker to view clear text sensitive parameters by logging into the FMC GUI and navigating to specific configurations. No workaround is available, and Cisco has issued patches to mitigate the risk. [ [Source: Cisco Security Advisory, October 2021] CVE-2021-34750 represents a vulnerability in the Cisco Firepower Management Center Software's GUI configuration manager, which enables authenticated, remote attackers with low privilege credentials to access sensitive information in clear text. By logging into the FMC GUI and navigating to certain configurations, attackers can view sensitive parameters. There are no workarounds, and Cisco has released patches to rectify the issue. [ [Source: Cisco Security Advisory, October 2021] Authenticated attackers can exploit CVE-2021-34750, a vulnerability in the Cisco Firepower Management Center Software's administrative web-based GUI configuration manager, to access sensitive configuration information in clear text. Attackers can do this by logging into the FMC GUI and navigating to specific configurations. No workarounds are available, and Cisco has issued patches to remediate the vulnerability. [ [Source: Cisco Security Advisory, October 2021] CVE-2021-34750 is a vulnerability in the Cisco Firepower Management Center Software's GUI configuration manager that allows authenticated, remote attackers with low privilege credentials to view sensitive configuration information in clear text. They can do this by logging into the FMC GUI and navigating to certain sections. No workaround is available, and Cisco has released patches to address the issue. [ [Source: Cisco Security Advisory, October 2021]

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.