Cisco · Cisco Secure Firewall Management Center · CVE-2024-20264
Name of the Vulnerable Software and Affected Versions:
Cisco Secure Firewall Management Center (formerly Cisco Firepower Management Center) versions (affected versions not specified)
Description:
The issue exists due to insufficient validation of user-supplied input by the web-based management interface, allowing an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. An attacker could exploit this by inserting crafted input into various data fields in an affected interface, potentially executing arbitrary script code in the context of the interface or accessing sensitive, browser-based information.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.