CVE-2024-20274

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Management Center (FMC) Software versions (affected versions not specified)

Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This issue is due to improper validation of user-supplied data. An attacker could exploit this by submitting malicious content to an affected device, allowing them to alter the standard layout of device-generated documents, access arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. The attacker would need valid credentials for a user account with policy-editing permissions.

Recommendations: To resolve the issue, update to a version of Cisco Secure Firewall Management Center (FMC) Software that includes the fix for this vulnerability. As a temporary workaround, consider restricting access to the web-based management interface to minimize the risk of exploitation. Restrict user accounts to only those necessary for operation and ensure that all users with policy-editing permissions are trusted. Avoid using the web-based management interface for generating documents that contain sensitive information until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.