What is CVE-2024-20360?

CVE-2024-20360 is a high-severity vulnerability in Cisco Firepower Management Center, classified under SQL Injection. CVSS score: 8.8/10. Published 2024-05-22.

How severe is CVE-2024-20360?

High severity. CVSS v3 base score is 8.8 out of 10.

SQL Injection in Cisco Firepower Management Center

CVE-2024-20360

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists becau…

Vulnerability class: SQL Injection

EPSS: 0.033 (87.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Firepower Management Center — versions 7.0.0, 7.0.0.1, 7.0.1

Weakness classification (CWE)

CWE-89 — SQL Injection

References

cisco-sa-fmc-sqli-WFFDnNOs

Frequently asked questions

What is CVE-2024-20360?: CVE-2024-20360 is a high-severity vulnerability in Cisco Firepower Management Center, classified under SQL Injection. CVSS score: 8.8/10. Published 2024-05-22.
How severe is CVE-2024-20360?: High severity. CVSS v3 base score is 8.8 out of 10.