What is the severity of CVE-2020-3318?

CVE-2020-3318 has been classified with a high severity rating due to the potential for attackers to gain high-privileged access.

How do I fix CVE-2020-3318?

To fix CVE-2020-3318, you should upgrade your Cisco Firepower Management Center Software to the latest version provided by Cisco.

What versions are affected by CVE-2020-3318?

CVE-2020-3318 affects multiple versions of Cisco Firepower Management Center Software, including versions from 2.0.3 to 6.5.0.

Can CVE-2020-3318 be exploited remotely?

Yes, CVE-2020-3318 can be exploited remotely if the attacker has access to the affected system's components.

What are the risks associated with CVE-2020-3318?

The risks associated with CVE-2020-3318 include unauthorized access to sensitive system functions and potential compromise of the entire firewall management infrastructure.

Vulnerability/
CVE-2020-3318

critical

9.8

CWE

798

6/5/2020

26/11/2024

CVE-2020-3318: Cisco Firepower Management Center Static Credential Vulnerabilities

First published: Wed May 06 2020(Updated: )

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of this advisory.

Credit: ykramarz@cisco.com ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Secure Firewall Management Center	=2.0.3
Cisco Secure Firewall Management Center	=2.1.0
Cisco Secure Firewall Management Center	=2.1.1
Cisco Secure Firewall Management Center	=2.2.0
Cisco Secure Firewall Management Center	=2.3.0
Cisco Secure Firewall Management Center	=5.0.0
Cisco Secure Firewall Management Center	=6.0.0
Cisco Secure Firewall Management Center	=6.1.0
Cisco Secure Firewall Management Center	=6.2.0
Cisco Secure Firewall Management Center	=6.2.3
Cisco Secure Firewall Management Center	=6.3.0
Cisco Secure Firewall Management Center	=6.4.0
Cisco Secure Firewall Management Center	=6.5.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=2.0.3
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=2.1.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=2.1.1
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=2.2.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=2.3.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=5.0.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.0.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.1.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.2.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.2.3
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.3.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.4.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.5.0

Never miss a vulnerability like this again

Reference Links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcua-statcred-weeCcZct

Frequently Asked Questions

What is the severity of CVE-2020-3318?
CVE-2020-3318 has been classified with a high severity rating due to the potential for attackers to gain high-privileged access.
How do I fix CVE-2020-3318?
To fix CVE-2020-3318, you should upgrade your Cisco Firepower Management Center Software to the latest version provided by Cisco.
What versions are affected by CVE-2020-3318?
CVE-2020-3318 affects multiple versions of Cisco Firepower Management Center Software, including versions from 2.0.3 to 6.5.0.
Can CVE-2020-3318 be exploited remotely?
Yes, CVE-2020-3318 can be exploited remotely if the attacker has access to the affected system's components.
What are the risks associated with CVE-2020-3318?
The risks associated with CVE-2020-3318 include unauthorized access to sensitive system functions and potential compromise of the entire firewall management infrastructure.

agent/type
agent/weakness
agent/severity
agent/references
agent/title
agent/description
agent/first-publish-date
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/author
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco secure firewall management center
version/cisco secure firewall management center/2.0.3
version/cisco secure firewall management center/2.1.0
version/cisco secure firewall management center/2.1.1
version/cisco secure firewall management center/2.2.0
version/cisco secure firewall management center/2.3.0
version/cisco secure firewall management center/5.0.0
version/cisco secure firewall management center/6.0.0
version/cisco secure firewall management center/6.1.0
version/cisco secure firewall management center/6.2.0
version/cisco secure firewall management center/6.2.3
version/cisco secure firewall management center/6.3.0
version/cisco secure firewall management center/6.4.0
version/cisco secure firewall management center/6.5.0
canonical/cisco firepower management center (fmc) and firepower threat defense (ftd) software
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/2.0.3
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/2.1.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/2.1.1
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/2.2.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/2.3.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/5.0.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.0.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.1.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.2.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.2.3
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.3.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.4.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.5.0