medium
4.8
CWE
79
Advisory Published
Updated

CVE-2019-15268: Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities

First published: Wed Oct 16 2019(Updated: )

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Management Center 2600 firmware
Cisco Firepower appliance 7030 firmware
Cisco Firepower appliance 7030 firmware=6.3.0
Cisco Firepower appliance 7030 firmware=6.4.0
Cisco Firepower appliance 7030 firmware=6.5.0
Cisco Firepower appliance 7030 firmware=6.6.0
Cisco Firepower appliance
Cisco Firepower
Cisco Firepower=6.3.0
Cisco Firepower=6.4.0
Cisco Firepower=6.5.0
Cisco Firepower=6.6.0
Cisco Firepower appliance 7110 firmware
Cisco Firepower 7115
Cisco Firepower 7115=6.3.0
Cisco Firepower 7115=6.4.0
Cisco Firepower 7115=6.5.0
Cisco Firepower 7115=6.6.0
Cisco Firepower 7115
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Management Center virtual appliance firmware
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Management Center 2000 firmware
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Management Center 1000 firmware
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Management Center
Cisco Firepower appliance 7125
Cisco Firepower appliance 7125=6.3.0
Cisco Firepower appliance 7125=6.4.0
Cisco Firepower appliance 7125=6.5.0
Cisco Firepower appliance 7125=6.6.0
Cisco Firepower appliance 7125
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Management Center 4000 firmware
Cisco Firepower appliance 8290 firmware
Cisco Firepower appliance 8290 firmware=6.3.0
Cisco Firepower appliance 8290 firmware=6.4.0
Cisco Firepower appliance 8290 firmware=6.5.0
Cisco Firepower appliance 8290 firmware=6.6.0
Cisco Firepower appliance 8290 firmware
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firesight Management Center
Cisco Firesight Management Center 750
Cisco Firesight Management Center 750=6.3.0
Cisco Firesight Management Center 750=6.4.0
Cisco Firesight Management Center 750=6.5.0
Cisco Firesight Management Center 750=6.6.0
Cisco Firepower Management Center
Cisco Firepower 7120
Cisco Firepower 7120=6.3.0
Cisco Firepower 7120=6.4.0
Cisco Firepower 7120=6.5.0
Cisco Firepower 7120=6.6.0
Cisco Firepower 7120
Cisco Firepower 7010
Cisco Firepower 7010=6.3.0
Cisco Firepower 7010=6.4.0
Cisco Firepower 7010=6.5.0
Cisco Firepower 7010=6.6.0
Cisco Firepower 7010
Cisco Firepower appliance 8370 firmware
Cisco Firepower appliance 8370 firmware=6.3.0
Cisco Firepower appliance 8370 firmware=6.4.0
Cisco Firepower appliance 8370 firmware=6.5.0
Cisco Firepower appliance 8370 firmware=6.6.0
Cisco Firepower appliance
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Management Center 1600 firmware
Cisco Firepower 7020
Cisco Firepower 7020=6.3.0
Cisco Firepower 7020=6.4.0
Cisco Firepower 7020=6.5.0
Cisco Firepower 7020=6.6.0
Cisco Firepower appliance
Cisco AMP 8150
Cisco AMP 8150=6.3.0
Cisco AMP 8150=6.4.0
Cisco AMP 8150=6.5.0
Cisco AMP 8150=6.6.0
Cisco AMP 8150
Cisco Firepower 8130 Firmware
Cisco Firepower 8130 Firmware=6.3.0
Cisco Firepower 8130 Firmware=6.4.0
Cisco Firepower 8130 Firmware=6.5.0
Cisco Firepower 8130 Firmware=6.6.0
Cisco Firepower appliance 8130
Cisco NGIPS Virtual Appliance
Cisco NGIPS Virtual Appliance=6.3.0
Cisco NGIPS Virtual Appliance=6.4.0
Cisco NGIPS Virtual Appliance=6.5.0
Cisco NGIPS Virtual Appliance=6.6.0
Cisco NGIPSv for VMware
Cisco Firepower 8390 firmware
Cisco Firepower 8390 firmware=6.3.0
Cisco Firepower 8390 firmware=6.4.0
Cisco Firepower 8390 firmware=6.5.0
Cisco Firepower 8390 firmware=6.6.0
Cisco Firepower appliance
Cisco Firepower Appliance 8270 Firmware
Cisco Firepower Appliance 8270 Firmware=6.3.0
Cisco Firepower Appliance 8270 Firmware=6.4.0
Cisco Firepower Appliance 8270 Firmware=6.5.0
Cisco Firepower Appliance 8270 Firmware=6.6.0
Cisco Firepower Appliance 8270 Firmware
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Management Center 4500-K9
Cisco Firepower appliance 8250
Cisco Firepower appliance 8250=6.3.0
Cisco Firepower appliance 8250=6.4.0
Cisco Firepower appliance 8250=6.5.0
Cisco Firepower appliance 8250=6.6.0
Cisco Firepower appliance 8250
Cisco Firepower Management Center
Cisco Firepower Management Center=6.3.0
Cisco Firepower Management Center=6.4.0
Cisco Firepower Management Center=6.5.0
Cisco Firepower Management Center=6.6.0
Cisco Firepower Threat Defense (FTD) and Firepower Management Center (FMC) Software
Cisco Firepower Management Center 2500
Cisco Firepower Management Center 2500=6.3.0
Cisco Firepower Management Center 2500=6.4.0
Cisco Firepower Management Center 2500=6.5.0
Cisco Firepower Management Center 2500=6.6.0
Cisco Firepower Threat Defense (FTD) and Firepower Management Center (FMC) Software
Cisco Firepower appliance 8120 firmware
Cisco Firepower appliance 8120 firmware=6.3.0
Cisco Firepower appliance 8120 firmware=6.4.0
Cisco Firepower appliance 8120 firmware=6.5.0
Cisco Firepower appliance 8120 firmware=6.6.0
Cisco Firepower appliance
Cisco AMP 7150 Firmware
Cisco AMP 7150 Firmware=6.3.0
Cisco AMP 7150 Firmware=6.4.0
Cisco AMP 7150 Firmware=6.5.0
Cisco AMP 7150 Firmware=6.6.0
Cisco AMP 7150 Firmware
Cisco Firepower appliance 8350 firmware
Cisco Firepower appliance 8350 firmware=6.3.0
Cisco Firepower appliance 8350 firmware=6.4.0
Cisco Firepower appliance 8350 firmware=6.5.0
Cisco Firepower appliance 8350 firmware=6.6.0
Cisco Firepower appliance 8350 firmware
Cisco Firepower 8140
Cisco Firepower 8140=6.3.0
Cisco Firepower 8140=6.4.0
Cisco Firepower 8140=6.5.0
Cisco Firepower 8140=6.6.0
Cisco Firepower appliance
Cisco Firepower appliance
Cisco Firepower appliance=6.3.0
Cisco Firepower appliance=6.4.0
Cisco Firepower appliance=6.5.0
Cisco Firepower appliance=6.6.0
Cisco Firepower appliance
Cisco Firepower appliance 8260 firmware
Cisco Firepower appliance 8260 firmware=6.3.0
Cisco Firepower appliance 8260 firmware=6.4.0
Cisco Firepower appliance 8260 firmware=6.5.0
Cisco Firepower appliance 8260 firmware=6.6.0
Cisco Firepower appliance 8260 firmware
Cisco Firepower Appliance
Cisco Firepower Appliance=6.3.0
Cisco Firepower Appliance=6.4.0
Cisco Firepower Appliance=6.5.0
Cisco Firepower Appliance=6.6.0
Cisco Firepower appliance 8360 firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2019-15268?

    CVE-2019-15268 has been assigned a medium severity rating according to Cisco's security advisories.

  • How do I fix CVE-2019-15268?

    To mitigate CVE-2019-15268, it is recommended to upgrade the Cisco Firepower Management Center firmware to the latest version provided by Cisco.

  • What products are affected by CVE-2019-15268?

    CVE-2019-15268 affects various Cisco Firepower Management Center firmware versions, including 2600, 7030, 7110, and others.

  • Can CVE-2019-15268 be exploited remotely?

    Yes, CVE-2019-15268 can be exploited by an authenticated remote attacker through cross-site scripting vulnerabilities.

  • What type of attack is associated with CVE-2019-15268?

    CVE-2019-15268 is associated with cross-site scripting (XSS) attacks that may affect users of the web-based management interface.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203