CVE-2023-20155

Summary

CVE-2023-20155 is a vulnerability found in Cisco Firepower Management Center (FMC) Software's logging API. This vulnerability allows an unauthenticated remote attacker to make the device unresponsive or trigger an unexpected reload. It also enables an attacker with valid user credentials but without Administrator privileges to access system log files they shouldn't have access to. The vulnerability occurs due to the lack of rate-limiting of requests sent to a specific API related to FMC logs. To exploit this vulnerability, an attacker would need to send a high rate of HTTP requests to the API. If successful, the attacker could cause a denial of service (DoS) condition by spiking the FMC CPU utilization or reloading the device. The affected products include various versions and models of Cisco Firepower Management Center software. To remediate this vulnerability, users should apply the necessary updates provided by Cisco. The danger posed by this vulnerability includes potential DoS attacks and unauthorized access to system log files, which can impact network availability and compromise confidentiality.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.