CVERadar

CVE-2024-20360

Critical Severity (SVRS rating; the CVSSv3.1 base score of 8.8 rates as High)
Vendor: Cisco
SVRS (SOCRadar Vulnerability Risk Score): 82/100
CVSSv3: 8.8/10
EPSS: 0.00579/1

CVE-2024-20360 is a SQL injection vulnerability (CWE-89) in the web-based management interface of Cisco Firepower Management Center (FMC) Software, also listed under its newer name, Cisco Secure Firewall Management Center. The interface does not adequately validate user input, so an authenticated remote attacker can send crafted SQL queries to the application. According to Cisco's advisory, a successful exploit can return any data from the FMC database, execute arbitrary commands on the underlying operating system, and elevate privileges to root; credentials with only Read Only privileges are sufficient. That authentication requirement (PR:L in the vector) is what keeps the CVSSv3.1 base score at 8.8 (High) rather than in the Critical range. SOCRadar assigns an SVRS of 82/100 and flags the CVE as In The Wild, although this page lists no public exploit code or indicators of compromise, and the EPSS of 0.00579 indicates a low predicted probability of exploitation. The practical concern is that a low-privilege FMC account is enough to take over the platform that manages an organisation's firewalls, so the vulnerability should be remediated by upgrading to a fixed release per the Cisco advisory (cisco-sa-fmc-sqli-WFFDnNOs); until then, limiting who holds FMC accounts and restricting network access to the management interface reduces the set of users who could exploit it.
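The summary above (and the Cisco advisory excerpt in the News section) describes the failure mode in general terms: user input spliced into a SQL statement lets an authenticated, low-privilege user read data they were never meant to see. The following added example is not Cisco's code and does not reproduce FMC's actual query or schema; it uses a constructed SQLite database with hypothetical `devices` and `users` tables to show the vulnerable pattern (string concatenation, CWE-89) next to the hardened form (a bound parameter), and a constructed UNION payload that leaks a second table through the vulnerable version only.

```python
import sqlite3

# Constructed, hypothetical schema standing in for a management-console
# database. It is NOT Cisco FMC's schema; table and column names are
# assumptions made for this example only.
SCHEMA = """
CREATE TABLE devices (id INTEGER PRIMARY KEY, name TEXT NOT NULL, ip TEXT NOT NULL);
CREATE TABLE users   (id INTEGER PRIMARY KEY, username TEXT NOT NULL, password_hash TEXT NOT NULL);
INSERT INTO devices (name, ip) VALUES ('fw-edge-01', '10.0.0.1'), ('fw-core-01', '10.0.0.2');
INSERT INTO users (username, password_hash) VALUES ('admin', 'hash-admin'), ('readonly', 'hash-ro');
"""


def new_db():
    """Fresh in-memory database loaded with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def search_devices_vulnerable(conn, name_filter):
    """CWE-89: the user-controlled filter is spliced into the SQL text.

    A Read Only user is allowed to call this, but a quote in their input
    closes the string literal and hands them control of the rest of the
    statement.
    """
    sql = "SELECT name, ip FROM devices WHERE name LIKE '%" + name_filter + "%'"
    return conn.execute(sql).fetchall()


def search_devices_hardened(conn, name_filter):
    """Same query with a bound parameter: the filter travels as data and is
    never parsed as SQL, so quotes and keywords in it cannot alter the
    statement."""
    sql = "SELECT name, ip FROM devices WHERE name LIKE ?"
    return conn.execute(sql, ("%" + name_filter + "%",)).fetchall()


# Constructed payload: closes the LIKE literal, appends a UNION that reads the
# users table, and comments out the trailing "%'" of the original query.
UNION_PAYLOAD = "' UNION SELECT username, password_hash FROM users --"


def demo():
    """Run a normal search and the injected search against both versions."""
    conn = new_db()
    return {
        "legit": search_devices_vulnerable(conn, "edge"),
        "leaked": search_devices_vulnerable(conn, UNION_PAYLOAD),
        "safe": search_devices_hardened(conn, UNION_PAYLOAD),
    }


if __name__ == "__main__":
    r = demo()
    print("normal search:", r["legit"])
    print("injected search (vulnerable):", r["leaked"])
    print("injected search (parameterised):", r["safe"])
```

The injected request against the vulnerable function returns the two device rows plus both rows of the `users` table, which is exactly the "obtain any data from the database" outcome the advisory describes; the parameterised function returns nothing, because the payload is matched literally as a device name. Note that binding the parameter does not neutralise `%` and `_` as LIKE wildcards; that is a separate (non-injection) concern to handle if exact matching matters.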

Status: In The Wild
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published: 2024-05-22
Last updated: 2025-04-11

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-20360 | Cisco FirePOWER Management Center up to 7.3.1.2 sql injection (cisco-sa-fmc-sqli-WFFDnNOs)
vuldb.com, 2025-04-11
A vulnerability was found in Cisco FirePOWER Management Center. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-20360. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade
Cisco Firepower Management Center Software SQL Injection Vulnerability
cisco.com, 2024-05-23
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately validate user input. An attacker could exploit this vulnerability by authenticating to the application and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain any data from the database, execute arbitrary commands on

Social Media

Cisco Firepower Management Center Software SQL Injection Vulnerability (CVE-2024-20360) #PatchManagement https://t.co/pMJMQvmqoz

CVE-2024-20360: Cisco FMC Vulnerability Grants Hackers Root Access #Cisco, the global leader in networking solutions, has issued a security advisory regarding a vulnerability discovered in its Firepower Management Center (#FMC) software. This flaw, identified as…

The vulnerability identified as CVE-2024-20360 in Cisco's Firepower Management Center (FMC) allows unauthorized individuals to gain elevated privileges, potentially compromising the system's security. Details: https://t.co/OD7ymVQzTc #cybersecurity #infosec #infosecurity

CVE-2024-20360 (CVSS:8.8, HIGH) is Awaiting Analysis. A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an..https://t.co/i7IwWjUsyW #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

Affected Software

Configuration 1
Type  Vendor  Product
App   Cisco   firepower_management_center
App   Cisco   secure_firewall_management_center

References

Cisco Security Advisory cisco-sa-fmc-sqli-WFFDnNOs (listed under three reference sources on this page, all pointing to the same URL):
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs

CWE Details

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
