CVE-2024-20424: OS Command Injection
First published: Wed Oct 23 2024(Updated: )
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to insufficient input validation of certain HTTP requests. An attacker could exploit this vulnerability by authenticating to the web-based management interface of an affected device and then sending a crafted HTTP request to the device. A successful exploit could allow the attacker to execute arbitrary commands with root permissions on the underlying operating system of the Cisco FMC device or to execute commands on managed Cisco Firepower Threat Defense (FTD) devices. To exploit this vulnerability, the attacker would need valid credentials for a user account with at least the role of Security Analyst (Read Only).
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Secure Firewall Management Center | =6.2.3 | |
| Cisco Secure Firewall Management Center | =6.2.3.1 | |
| Cisco Secure Firewall Management Center | =6.2.3.2 | |
| Cisco Secure Firewall Management Center | =6.2.3.3 | |
| Cisco Secure Firewall Management Center | =6.2.3.4 | |
| Cisco Secure Firewall Management Center | =6.2.3.5 | |
| Cisco Secure Firewall Management Center | =6.2.3.6 | |
| Cisco Secure Firewall Management Center | =6.2.3.7 | |
| Cisco Secure Firewall Management Center | =6.2.3.8 | |
| Cisco Secure Firewall Management Center | =6.2.3.9 | |
| Cisco Secure Firewall Management Center | =6.2.3.10 | |
| Cisco Secure Firewall Management Center | =6.2.3.11 | |
| Cisco Secure Firewall Management Center | =6.2.3.12 | |
| Cisco Secure Firewall Management Center | =6.2.3.13 | |
| Cisco Secure Firewall Management Center | =6.2.3.14 | |
| Cisco Secure Firewall Management Center | =6.2.3.15 | |
| Cisco Secure Firewall Management Center | =6.2.3.16 | |
| Cisco Secure Firewall Management Center | =6.2.3.17 | |
| Cisco Secure Firewall Management Center | =6.2.3.18 | |
| Cisco Secure Firewall Management Center | =6.4.0 | |
| Cisco Secure Firewall Management Center | =6.4.0.1 | |
| Cisco Secure Firewall Management Center | =6.4.0.2 | |
| Cisco Secure Firewall Management Center | =6.4.0.3 | |
| Cisco Secure Firewall Management Center | =6.4.0.4 | |
| Cisco Secure Firewall Management Center | =6.4.0.5 | |
| Cisco Secure Firewall Management Center | =6.4.0.6 | |
| Cisco Secure Firewall Management Center | =6.4.0.7 | |
| Cisco Secure Firewall Management Center | =6.4.0.8 | |
| Cisco Secure Firewall Management Center | =6.4.0.9 | |
| Cisco Secure Firewall Management Center | =6.4.0.10 | |
| Cisco Secure Firewall Management Center | =6.4.0.11 | |
| Cisco Secure Firewall Management Center | =6.4.0.12 | |
| Cisco Secure Firewall Management Center | =6.4.0.13 | |
| Cisco Secure Firewall Management Center | =6.4.0.14 | |
| Cisco Secure Firewall Management Center | =6.4.0.15 | |
| Cisco Secure Firewall Management Center | =6.4.0.16 | |
| Cisco Secure Firewall Management Center | =6.4.0.17 | |
| Cisco Secure Firewall Management Center | =6.4.0.18 | |
| Cisco Secure Firewall Management Center | =6.6.0 | |
| Cisco Secure Firewall Management Center | =6.6.0.1 | |
| Cisco Secure Firewall Management Center | =6.6.1 | |
| Cisco Secure Firewall Management Center | =6.6.3 | |
| Cisco Secure Firewall Management Center | =6.6.4 | |
| Cisco Secure Firewall Management Center | =6.6.5 | |
| Cisco Secure Firewall Management Center | =6.6.5.1 | |
| Cisco Secure Firewall Management Center | =6.6.5.2 | |
| Cisco Secure Firewall Management Center | =6.6.7 | |
| Cisco Secure Firewall Management Center | =6.6.7.1 | |
| Cisco Secure Firewall Management Center | =6.6.7.2 | |
| Cisco Secure Firewall Management Center | =6.7.0 | |
| Cisco Secure Firewall Management Center | =6.7.0.1 | |
| Cisco Secure Firewall Management Center | =6.7.0.2 | |
| Cisco Secure Firewall Management Center | =6.7.0.3 | |
| Cisco Secure Firewall Management Center | =7.0.0 | |
| Cisco Secure Firewall Management Center | =7.0.0.1 | |
| Cisco Secure Firewall Management Center | =7.0.1 | |
| Cisco Secure Firewall Management Center | =7.0.1.1 | |
| Cisco Secure Firewall Management Center | =7.0.2 | |
| Cisco Secure Firewall Management Center | =7.0.2.1 | |
| Cisco Secure Firewall Management Center | =7.0.3 | |
| Cisco Secure Firewall Management Center | =7.0.4 | |
| Cisco Secure Firewall Management Center | =7.0.5 | |
| Cisco Secure Firewall Management Center | =7.0.6 | |
| Cisco Secure Firewall Management Center | =7.0.6.1 | |
| Cisco Secure Firewall Management Center | =7.0.6.2 | |
| Cisco Secure Firewall Management Center | =7.1.0 | |
| Cisco Secure Firewall Management Center | =7.1.0.1 | |
| Cisco Secure Firewall Management Center | =7.1.0.2 | |
| Cisco Secure Firewall Management Center | =7.1.0.3 | |
| Cisco Secure Firewall Management Center | =7.2.0 | |
| Cisco Secure Firewall Management Center | =7.2.0.1 | |
| Cisco Secure Firewall Management Center | =7.2.1 | |
| Cisco Secure Firewall Management Center | =7.2.2 | |
| Cisco Secure Firewall Management Center | =7.2.3 | |
| Cisco Secure Firewall Management Center | =7.2.3.1 | |
| Cisco Secure Firewall Management Center | =7.2.4 | |
| Cisco Secure Firewall Management Center | =7.2.4.1 | |
| Cisco Secure Firewall Management Center | =7.2.5 | |
| Cisco Secure Firewall Management Center | =7.2.5.1 | |
| Cisco Secure Firewall Management Center | =7.2.5.2 | |
| Cisco Secure Firewall Management Center | =7.2.6 | |
| Cisco Secure Firewall Management Center | =7.2.7 | |
| Cisco Secure Firewall Management Center | =7.2.8 | |
| Cisco Secure Firewall Management Center | =7.2.8.1 | |
| Cisco Secure Firewall Management Center | =7.3.0 | |
| Cisco Secure Firewall Management Center | =7.3.1 | |
| Cisco Secure Firewall Management Center | =7.3.1.1 | |
| Cisco Secure Firewall Management Center | =7.3.1.2 | |
| Cisco Secure Firewall Management Center | =7.4.0 | |
| Cisco Secure Firewall Management Center | =7.4.1 | |
| Cisco Secure Firewall Management Center | =7.4.1.1 | |
| Cisco Secure Firewall Management Center | =7.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-20424?
CVE-2024-20424 is rated as a critical severity vulnerability due to its potential to allow authenticated remote attackers to execute arbitrary commands as root.
How do I fix CVE-2024-20424?
To fix CVE-2024-20424, upgrade to the patched version of Cisco Secure Firewall Management Center as specified in Cisco's security advisory.
What systems are affected by CVE-2024-20424?
CVE-2024-20424 affects Cisco Secure Firewall Management Center versions 6.2.3 through 6.7.0, as well as some later versions.
Can CVE-2024-20424 be exploited remotely?
Yes, CVE-2024-20424 can be exploited by authenticated remote attackers.
What is the impact of CVE-2024-20424 on security?
The impact of CVE-2024-20424 includes the ability for attackers to execute arbitrary commands on the underlying operating system, potentially compromising the entire system.
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/severity
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-20481
- alias/CVE-2024-20424
- alias/CVE-2024-20329
- alias/CVE-2024-20412
- agent/references
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/trending
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco secure firewall management center
- version/cisco secure firewall management center/6.2.3
- version/cisco secure firewall management center/6.2.3.1
- version/cisco secure firewall management center/6.2.3.2
- version/cisco secure firewall management center/6.2.3.3
- version/cisco secure firewall management center/6.2.3.4
- version/cisco secure firewall management center/6.2.3.5
- version/cisco secure firewall management center/6.2.3.6
- version/cisco secure firewall management center/6.2.3.7
- version/cisco secure firewall management center/6.2.3.8
- version/cisco secure firewall management center/6.2.3.9
- version/cisco secure firewall management center/6.2.3.10
- version/cisco secure firewall management center/6.2.3.11
- version/cisco secure firewall management center/6.2.3.12
- version/cisco secure firewall management center/6.2.3.13
- version/cisco secure firewall management center/6.2.3.14
- version/cisco secure firewall management center/6.2.3.15
- version/cisco secure firewall management center/6.2.3.16
- version/cisco secure firewall management center/6.2.3.17
- version/cisco secure firewall management center/6.2.3.18
- version/cisco secure firewall management center/6.4.0
- version/cisco secure firewall management center/6.4.0.1
- version/cisco secure firewall management center/6.4.0.2
- version/cisco secure firewall management center/6.4.0.3
- version/cisco secure firewall management center/6.4.0.4
- version/cisco secure firewall management center/6.4.0.5
- version/cisco secure firewall management center/6.4.0.6
- version/cisco secure firewall management center/6.4.0.7
- version/cisco secure firewall management center/6.4.0.8
- version/cisco secure firewall management center/6.4.0.9
- version/cisco secure firewall management center/6.4.0.10
- version/cisco secure firewall management center/6.4.0.11
- version/cisco secure firewall management center/6.4.0.12
- version/cisco secure firewall management center/6.4.0.13
- version/cisco secure firewall management center/6.4.0.14
- version/cisco secure firewall management center/6.4.0.15
- version/cisco secure firewall management center/6.4.0.16
- version/cisco secure firewall management center/6.4.0.17
- version/cisco secure firewall management center/6.4.0.18
- version/cisco secure firewall management center/6.6.0
- version/cisco secure firewall management center/6.6.0.1
- version/cisco secure firewall management center/6.6.1
- version/cisco secure firewall management center/6.6.3
- version/cisco secure firewall management center/6.6.4
- version/cisco secure firewall management center/6.6.5
- version/cisco secure firewall management center/6.6.5.1
- version/cisco secure firewall management center/6.6.5.2
- version/cisco secure firewall management center/6.6.7
- version/cisco secure firewall management center/6.6.7.1
- version/cisco secure firewall management center/6.6.7.2
- version/cisco secure firewall management center/6.7.0
- version/cisco secure firewall management center/6.7.0.1
- version/cisco secure firewall management center/6.7.0.2
- version/cisco secure firewall management center/6.7.0.3
- version/cisco secure firewall management center/7.0.0
- version/cisco secure firewall management center/7.0.0.1
- version/cisco secure firewall management center/7.0.1
- version/cisco secure firewall management center/7.0.1.1
- version/cisco secure firewall management center/7.0.2
- version/cisco secure firewall management center/7.0.2.1
- version/cisco secure firewall management center/7.0.3
- version/cisco secure firewall management center/7.0.4
- version/cisco secure firewall management center/7.0.5
- version/cisco secure firewall management center/7.0.6
- version/cisco secure firewall management center/7.0.6.1
- version/cisco secure firewall management center/7.0.6.2
- version/cisco secure firewall management center/7.1.0
- version/cisco secure firewall management center/7.1.0.1
- version/cisco secure firewall management center/7.1.0.2
- version/cisco secure firewall management center/7.1.0.3
- version/cisco secure firewall management center/7.2.0
- version/cisco secure firewall management center/7.2.0.1
- version/cisco secure firewall management center/7.2.1
- version/cisco secure firewall management center/7.2.2
- version/cisco secure firewall management center/7.2.3
- version/cisco secure firewall management center/7.2.3.1
- version/cisco secure firewall management center/7.2.4
- version/cisco secure firewall management center/7.2.4.1
- version/cisco secure firewall management center/7.2.5
- version/cisco secure firewall management center/7.2.5.1
- version/cisco secure firewall management center/7.2.5.2
- version/cisco secure firewall management center/7.2.6
- version/cisco secure firewall management center/7.2.7
- version/cisco secure firewall management center/7.2.8
- version/cisco secure firewall management center/7.2.8.1
- version/cisco secure firewall management center/7.3.0
- version/cisco secure firewall management center/7.3.1
- version/cisco secure firewall management center/7.3.1.1
- version/cisco secure firewall management center/7.3.1.2
- version/cisco secure firewall management center/7.4.0
- version/cisco secure firewall management center/7.4.1
- version/cisco secure firewall management center/7.4.1.1
- version/cisco secure firewall management center/7.4.2