CVE-2022-20925

Name of the Vulnerable Software and Affected Versions Cisco Firepower Management Center (FMC) Software (affected versions not specified)

Description The issue is related to insufficient validation of user-supplied parameters for certain API endpoints in the web management interface. This could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system by sending crafted input to an affected API endpoint. A successful exploit could allow an attacker to execute arbitrary commands on the device with low system privileges. The attacker would need valid credentials for a user with Device permissions, which by default are only held by Administrators, Security Approvers, and Network Admins user accounts.

Recommendations To resolve the issue, update the Cisco Firepower Management Center (FMC) Software to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the affected API endpoints until a patch is available. Restrict access to users with Device permissions to minimize the risk of exploitation. Avoid using the vulnerable API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.