CVE-2020-3410

Name of the Vulnerable Software and Affected Versions Cisco Firepower Management Center (FMC) Software (affected versions not specified)

Description A vulnerability in the Common Access Card (CAC) authentication feature could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. This issue is due to incorrect session invalidation during CAC authentication. An attacker could exploit this by performing a CAC-based authentication attempt to an affected system, potentially accessing the system with the privileges of a CAC-authenticated user who is currently logged in.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.