What is CVE-2020-3410?

CVE-2020-3410 is a high-severity vulnerability in Cisco Firepower Management Center, classified under Improper Authentication. CVSS score: 8.1/10. Published 2020-10-21.

How severe is CVE-2020-3410?

High severity. CVSS v3 base score is 8.1 out of 10.

Auth bypass in Cisco Firepower Management Center

CVE-2020-3410

A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker mus…

Vulnerability class: Broken Authentication

EPSS: 0.006 (70.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Firepower Management Center — versions n/a

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

20201021 Cisco Firepower Management Center Software Common Access Card Authentication Bypass Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3410?: CVE-2020-3410 is a high-severity vulnerability in Cisco Firepower Management Center, classified under Improper Authentication. CVSS score: 8.1/10. Published 2020-10-21.
How severe is CVE-2020-3410?: High severity. CVSS v3 base score is 8.1 out of 10.