Cisco Secure Firewall Management Center Software SQL Injection Vulnerability in REST API

Vulnerability

A SQL injection vulnerability has been identified in the REST API of Cisco Secure Firewall Management Center (FMC) Software. This vulnerability allows an authenticated, remote attacker to manipulate SQL queries by exploiting inadequate validation of user input. Successful exploitation could lead to unauthorized read access to the database and certain files on the underlying operating system. To exploit this vulnerability, an attacker must have valid user credentials and hold one of the following roles: Administrator, Security Approver, Access Admin, or Network Admin.

Impact

Exploitation of this vulnerability could allow an authenticated attacker to perform SQL injection attacks, potentially leading to unauthorized access to the database and certain files on the underlying operating system.

Remediation

Cisco has released software updates to address this vulnerability. Instructions for upgrading to the fixed software version can be found on the Cisco Security Advisories page.

Added: Mar 4, 2026, 6:58 PM
Updated: Mar 4, 2026, 6:58 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.7
exploitability: 4.4
remediation: 0.0
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.