CVE-2024-20471: SQL Injection
First published: Wed Oct 23 2024(Updated: )
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not validate user input adequately. An attacker could exploit this vulnerability by authenticating to the application as an Administrator and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to obtain unauthorized data from the database and make changes to the system. To exploit this vulnerability, an attacker would need Administrator-level privileges.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Secure Firewall Management Center | =6.2.3 | |
| Cisco Secure Firewall Management Center | =6.2.3.1 | |
| Cisco Secure Firewall Management Center | =6.2.3.2 | |
| Cisco Secure Firewall Management Center | =6.2.3.3 | |
| Cisco Secure Firewall Management Center | =6.2.3.4 | |
| Cisco Secure Firewall Management Center | =6.2.3.5 | |
| Cisco Secure Firewall Management Center | =6.2.3.6 | |
| Cisco Secure Firewall Management Center | =6.2.3.7 | |
| Cisco Secure Firewall Management Center | =6.2.3.8 | |
| Cisco Secure Firewall Management Center | =6.2.3.9 | |
| Cisco Secure Firewall Management Center | =6.2.3.10 | |
| Cisco Secure Firewall Management Center | =6.2.3.11 | |
| Cisco Secure Firewall Management Center | =6.2.3.12 | |
| Cisco Secure Firewall Management Center | =6.2.3.13 | |
| Cisco Secure Firewall Management Center | =6.2.3.14 | |
| Cisco Secure Firewall Management Center | =6.2.3.15 | |
| Cisco Secure Firewall Management Center | =6.2.3.16 | |
| Cisco Secure Firewall Management Center | =6.2.3.17 | |
| Cisco Secure Firewall Management Center | =6.2.3.18 | |
| Cisco Secure Firewall Management Center | =6.4.0 | |
| Cisco Secure Firewall Management Center | =6.4.0.1 | |
| Cisco Secure Firewall Management Center | =6.4.0.2 | |
| Cisco Secure Firewall Management Center | =6.4.0.3 | |
| Cisco Secure Firewall Management Center | =6.4.0.4 | |
| Cisco Secure Firewall Management Center | =6.4.0.5 | |
| Cisco Secure Firewall Management Center | =6.4.0.6 | |
| Cisco Secure Firewall Management Center | =6.4.0.7 | |
| Cisco Secure Firewall Management Center | =6.4.0.8 | |
| Cisco Secure Firewall Management Center | =6.4.0.9 | |
| Cisco Secure Firewall Management Center | =6.4.0.10 | |
| Cisco Secure Firewall Management Center | =6.4.0.11 | |
| Cisco Secure Firewall Management Center | =6.4.0.12 | |
| Cisco Secure Firewall Management Center | =6.4.0.13 | |
| Cisco Secure Firewall Management Center | =6.4.0.14 | |
| Cisco Secure Firewall Management Center | =6.4.0.15 | |
| Cisco Secure Firewall Management Center | =6.4.0.16 | |
| Cisco Secure Firewall Management Center | =6.4.0.17 | |
| Cisco Secure Firewall Management Center | =6.4.0.18 | |
| Cisco Secure Firewall Management Center | =6.6.0 | |
| Cisco Secure Firewall Management Center | =6.6.0.1 | |
| Cisco Secure Firewall Management Center | =6.6.1 | |
| Cisco Secure Firewall Management Center | =6.6.3 | |
| Cisco Secure Firewall Management Center | =6.6.4 | |
| Cisco Secure Firewall Management Center | =6.6.5 | |
| Cisco Secure Firewall Management Center | =6.6.5.1 | |
| Cisco Secure Firewall Management Center | =6.6.5.2 | |
| Cisco Secure Firewall Management Center | =6.6.7 | |
| Cisco Secure Firewall Management Center | =6.6.7.1 | |
| Cisco Secure Firewall Management Center | =6.6.7.2 | |
| Cisco Secure Firewall Management Center | =6.7.0 | |
| Cisco Secure Firewall Management Center | =6.7.0.1 | |
| Cisco Secure Firewall Management Center | =6.7.0.2 | |
| Cisco Secure Firewall Management Center | =6.7.0.3 | |
| Cisco Secure Firewall Management Center | =7.0.0 | |
| Cisco Secure Firewall Management Center | =7.0.0.1 | |
| Cisco Secure Firewall Management Center | =7.0.1 | |
| Cisco Secure Firewall Management Center | =7.0.1.1 | |
| Cisco Secure Firewall Management Center | =7.0.2 | |
| Cisco Secure Firewall Management Center | =7.0.2.1 | |
| Cisco Secure Firewall Management Center | =7.0.3 | |
| Cisco Secure Firewall Management Center | =7.0.4 | |
| Cisco Secure Firewall Management Center | =7.0.5 | |
| Cisco Secure Firewall Management Center | =7.0.6 | |
| Cisco Secure Firewall Management Center | =7.0.6.1 | |
| Cisco Secure Firewall Management Center | =7.0.6.2 | |
| Cisco Secure Firewall Management Center | =7.1.0 | |
| Cisco Secure Firewall Management Center | =7.1.0.1 | |
| Cisco Secure Firewall Management Center | =7.1.0.2 | |
| Cisco Secure Firewall Management Center | =7.1.0.3 | |
| Cisco Secure Firewall Management Center | =7.2.0 | |
| Cisco Secure Firewall Management Center | =7.2.0.1 | |
| Cisco Secure Firewall Management Center | =7.2.1 | |
| Cisco Secure Firewall Management Center | =7.2.2 | |
| Cisco Secure Firewall Management Center | =7.2.3 | |
| Cisco Secure Firewall Management Center | =7.2.3.1 | |
| Cisco Secure Firewall Management Center | =7.2.4 | |
| Cisco Secure Firewall Management Center | =7.2.4.1 | |
| Cisco Secure Firewall Management Center | =7.2.5 | |
| Cisco Secure Firewall Management Center | =7.2.5.1 | |
| Cisco Secure Firewall Management Center | =7.2.5.2 | |
| Cisco Secure Firewall Management Center | =7.2.6 | |
| Cisco Secure Firewall Management Center | =7.2.7 | |
| Cisco Secure Firewall Management Center | =7.2.8 | |
| Cisco Secure Firewall Management Center | =7.2.8.1 | |
| Cisco Secure Firewall Management Center | =7.3.0 | |
| Cisco Secure Firewall Management Center | =7.3.1 | |
| Cisco Secure Firewall Management Center | =7.3.1.1 | |
| Cisco Secure Firewall Management Center | =7.3.1.2 | |
| Cisco Secure Firewall Management Center | =7.4.0 | |
| Cisco Secure Firewall Management Center | =7.4.1 | |
| Cisco Secure Firewall Management Center | =7.4.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-20471?
CVE-2024-20471 has been rated as high severity due to the potential for SQL injection attacks.
How do I fix CVE-2024-20471?
To fix CVE-2024-20471, you should apply the latest patch or update provided by Cisco for the affected software versions.
Which versions of Cisco Secure Firewall Management Center are affected by CVE-2024-20471?
CVE-2024-20471 affects Cisco Secure Firewall Management Center versions 6.2.3 through 7.4.1.1.
What kind of attacks can CVE-2024-20471 allow?
CVE-2024-20471 can allow authenticated, remote attackers to conduct SQL injection attacks on the affected system.
Is authentication required to exploit CVE-2024-20471?
Yes, CVE-2024-20471 requires an authenticated user to exploit the vulnerability.
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco secure firewall management center
- version/cisco secure firewall management center/6.2.3
- version/cisco secure firewall management center/6.2.3.1
- version/cisco secure firewall management center/6.2.3.2
- version/cisco secure firewall management center/6.2.3.3
- version/cisco secure firewall management center/6.2.3.4
- version/cisco secure firewall management center/6.2.3.5
- version/cisco secure firewall management center/6.2.3.6
- version/cisco secure firewall management center/6.2.3.7
- version/cisco secure firewall management center/6.2.3.8
- version/cisco secure firewall management center/6.2.3.9
- version/cisco secure firewall management center/6.2.3.10
- version/cisco secure firewall management center/6.2.3.11
- version/cisco secure firewall management center/6.2.3.12
- version/cisco secure firewall management center/6.2.3.13
- version/cisco secure firewall management center/6.2.3.14
- version/cisco secure firewall management center/6.2.3.15
- version/cisco secure firewall management center/6.2.3.16
- version/cisco secure firewall management center/6.2.3.17
- version/cisco secure firewall management center/6.2.3.18
- version/cisco secure firewall management center/6.4.0
- version/cisco secure firewall management center/6.4.0.1
- version/cisco secure firewall management center/6.4.0.2
- version/cisco secure firewall management center/6.4.0.3
- version/cisco secure firewall management center/6.4.0.4
- version/cisco secure firewall management center/6.4.0.5
- version/cisco secure firewall management center/6.4.0.6
- version/cisco secure firewall management center/6.4.0.7
- version/cisco secure firewall management center/6.4.0.8
- version/cisco secure firewall management center/6.4.0.9
- version/cisco secure firewall management center/6.4.0.10
- version/cisco secure firewall management center/6.4.0.11
- version/cisco secure firewall management center/6.4.0.12
- version/cisco secure firewall management center/6.4.0.13
- version/cisco secure firewall management center/6.4.0.14
- version/cisco secure firewall management center/6.4.0.15
- version/cisco secure firewall management center/6.4.0.16
- version/cisco secure firewall management center/6.4.0.17
- version/cisco secure firewall management center/6.4.0.18
- version/cisco secure firewall management center/6.6.0
- version/cisco secure firewall management center/6.6.0.1
- version/cisco secure firewall management center/6.6.1
- version/cisco secure firewall management center/6.6.3
- version/cisco secure firewall management center/6.6.4
- version/cisco secure firewall management center/6.6.5
- version/cisco secure firewall management center/6.6.5.1
- version/cisco secure firewall management center/6.6.5.2
- version/cisco secure firewall management center/6.6.7
- version/cisco secure firewall management center/6.6.7.1
- version/cisco secure firewall management center/6.6.7.2
- version/cisco secure firewall management center/6.7.0
- version/cisco secure firewall management center/6.7.0.1
- version/cisco secure firewall management center/6.7.0.2
- version/cisco secure firewall management center/6.7.0.3
- version/cisco secure firewall management center/7.0.0
- version/cisco secure firewall management center/7.0.0.1
- version/cisco secure firewall management center/7.0.1
- version/cisco secure firewall management center/7.0.1.1
- version/cisco secure firewall management center/7.0.2
- version/cisco secure firewall management center/7.0.2.1
- version/cisco secure firewall management center/7.0.3
- version/cisco secure firewall management center/7.0.4
- version/cisco secure firewall management center/7.0.5
- version/cisco secure firewall management center/7.0.6
- version/cisco secure firewall management center/7.0.6.1
- version/cisco secure firewall management center/7.0.6.2
- version/cisco secure firewall management center/7.1.0
- version/cisco secure firewall management center/7.1.0.1
- version/cisco secure firewall management center/7.1.0.2
- version/cisco secure firewall management center/7.1.0.3
- version/cisco secure firewall management center/7.2.0
- version/cisco secure firewall management center/7.2.0.1
- version/cisco secure firewall management center/7.2.1
- version/cisco secure firewall management center/7.2.2
- version/cisco secure firewall management center/7.2.3
- version/cisco secure firewall management center/7.2.3.1
- version/cisco secure firewall management center/7.2.4
- version/cisco secure firewall management center/7.2.4.1
- version/cisco secure firewall management center/7.2.5
- version/cisco secure firewall management center/7.2.5.1
- version/cisco secure firewall management center/7.2.5.2
- version/cisco secure firewall management center/7.2.6
- version/cisco secure firewall management center/7.2.7
- version/cisco secure firewall management center/7.2.8
- version/cisco secure firewall management center/7.2.8.1
- version/cisco secure firewall management center/7.3.0
- version/cisco secure firewall management center/7.3.1
- version/cisco secure firewall management center/7.3.1.1
- version/cisco secure firewall management center/7.3.1.2
- version/cisco secure firewall management center/7.4.0
- version/cisco secure firewall management center/7.4.1
- version/cisco secure firewall management center/7.4.1.1