PT-2022-5810 · Cisco · Cisco Firepower Management Center (FMC) +1
Published 2022-11-09 · Updated 2024-01-25 · CVE-2022-20949
| CVSS v2.0 | 8.5 (High) |
| Vector | AV:N/AC:L/Au:S/C:N/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)
Description
A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. The issue exists because access to certain HTTPS endpoints is not properly restricted on an affected device. An attacker could exploit it by sending specific messages to the affected HTTPS handler; a successful exploit could allow the attacker to make configuration changes on the system that should only be made through Cisco Firepower Management Center (FMC) Software.
Recommendations
For Cisco Firepower Threat Defense (FTD) Software, restrict network access to the management web server to reduce the likelihood of exploitation.
As a temporary workaround, consider disabling access to the HTTPS endpoints until a fixed release is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Cisco Firepower Management Center (FMC)
Cisco FTD