PT-2020-5095 · Cisco · Cisco Fxos

Published: 2020-10-21 · Updated: 2020-10-28 · CVE-2020-3456

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software (affected versions not specified)

Description: The issue is related to insufficient CSRF protections for the Cisco Firepower Chassis Manager (FCM) interface in Cisco FXOS Software. This could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. An attacker could exploit this by persuading a targeted user to click a malicious link, potentially allowing the attacker to send arbitrary requests and take unauthorized actions on behalf of the targeted user.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

CSRF


Weakness Enumeration

Related Identifiers

BDU:2020-05688
CVE-2020-3456

Affected Products

Cisco Fxos