CVE-2019-16028 : A vulnerability in the web-based management interface of Cisco Firepower Managem

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.

Published 2020-09-23 01:15:14

Updated 2024-11-26 16:09:02

Source Cisco Systems, Inc.

View at NVD, CVE.org

Products affected by CVE-2019-16028

Cisco » Secure Firewall Management Center
Versions before (<) 6.2.3.16
cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*
Matching versions
Cisco » Secure Firewall Management Center
Versions from including (>=) 6.3.0 and before (<) 6.3.0.6
cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*
Matching versions
Cisco » Secure Firewall Management Center
Versions from including (>=) 6.4.0 and before (<) 6.4.0.7
cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*
Matching versions
Cisco » Secure Firewall Management Center
Versions from including (>=) 6.5.0 and before (<) 6.5.0.2
cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-16028

EPSS FAQ

3.42%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 86 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-16028

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	Cisco Systems, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-16028

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Assigned by:
- nvd@nist.gov (Primary)
- ykramarz@cisco.com (Secondary)

References for CVE-2019-16028

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth

Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability
Vendor Advisory

Jump to

Vulnerability Details : CVE-2019-16028

Products affected by CVE-2019-16028

Exploit prediction scoring system (EPSS) score for CVE-2019-16028

CVSS scores for CVE-2019-16028

CWE ids for CVE-2019-16028

References for CVE-2019-16028