PT-2023-7573 · Cisco · Cisco Firepower Management Center

Kentaro Kawane · Published 2023-11-01 · Updated 2024-11-26 · CVE-2023-20220

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Cisco Firepower Management Center (FMC) Software (affected versions not specified)

Description

The issue exists due to insufficient validation of user-supplied input for certain configuration options in the web-based management interface of Cisco Firepower Management Center (FMC) Software. This could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker must have valid device credentials but does not need Administrator privileges. Exploitation can occur by using crafted input within the device configuration GUI, potentially affecting the availability of the device.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection

Path traversal

Weakness Enumeration

Related Identifiers

BDU:2023-08629
CVE-2023-20220

Affected Products

Cisco Firepower Management Center