Cisco Secure Firewall Management Center Software SQL Injection Vulnerability in REST API

Vulnerability

A SQL injection vulnerability has been identified in the REST API of Cisco Secure Firewall Management Center (FMC) Software. This vulnerability allows an authenticated, remote attacker to conduct SQL injection attacks on the affected system. The issue arises from inadequate validation of user-supplied input, which lets an attacker send crafted requests that exploit this weakness. Successful exploitation could grant the attacker read access to the database and certain files on the underlying operating system. To exploit this vulnerability, an attacker needs valid user credentials, with roles including Administrator, Security Approver, Intrusion Admin, Access Admin, or Network Admin.

Impact

Exploitation of this vulnerability could lead to unauthorized read access to the database and certain files on the underlying operating system.

Remediation

Cisco has released software updates to address this vulnerability. For guidance on upgrading, consult the Cisco Software Checker tool, which identifies the earliest release that fixes this vulnerability. Instructions for using the Cisco Software Checker are available in the advisory.

Added: Mar 4, 2026, 6:57 PM
Updated: Mar 4, 2026, 6:57 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.7
exploitability: 4.4
remediation: 0.0
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.