CVE-2022-20740 – Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2022-20740
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information. Una vulnerabilidad en la interfaz de administración basada en la web del software Cisco Firepower Management Center (FMC) podría permitir a un atacante remoto no autenticado realizar un ataque de tipo cross-site scripting. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-SfpEcvGT • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVE-2022-20743 – Cisco Firepower Management Center File Upload Security Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-20743
A vulnerability in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to bypass security protections and upload malicious files to the affected system. This vulnerability is due to improper validation of files uploaded to the web management interface of Cisco FMC Software. An attacker could exploit this vulnerability by uploading a maliciously crafted file to a device running affected software. A successful exploit could allow the attacker to store malicious files on the device, which they could access later to conduct additional attacks, including executing arbitrary code on the affected device with root privileges. Una vulnerabilidad en la interfaz de administración web del software Cisco Firepower Management Center (FMC) podría permitir a un atacante remoto autenticado omitir las protecciones de seguridad y cargar archivos maliciosos en el sistema afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-security-bypass-JhOd29Gg • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. • https://github.com/fullhunt/log4j-scan https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words https://github.com/cyberstruggle/L4sh https://github.com/woodpecker-appstore/log4j-payload-generator https://github.com/tangxiaofeng7/apache-log4j-poc https://www.exploit-db.com/exploits/51183 https://www.exploit-db.com/exploits/50592 https://www.exploit-db.com/exploits/50590 https://github.com/logpresso/CVE-2021-44228-Scanner https://github.com/jas502n/Log4j2-CVE-2021-44228 h • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVE-2021-34781 – Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34781
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-755: Improper Handling of Exceptional Conditions •
CVE-2021-34764 – Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-34764
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory. Varias vulnerabilidades en la interfaz de administración basada en la web del software Cisco Firepower Management Center (FMC) podrían permitir a un atacante ejecutar un ataque de tipo cross-site scripting (XSS) o un ataque de redireccionamiento abierto. Para conseguir más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •