CVE-2020-3301— Cisco Firepower Management Center Static Credential Vulnerabilities
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-3301
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Firepower Management Center Static Credential Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of this advisory.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Firepower User Agent Software 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Firepower User Agent Software是美国思科(Cisco)公司的一套用于Firepower防火墙管理器的用户代理软件。 Cisco Firepower User Agent Software中存在信任管理问题漏洞,该漏洞源于系统账户使用了默认的静态密码并且系统管理员无法进行更改。远程攻击者可借助此账户利用该漏洞访问系统的敏感部分。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Firepower Management Center | n/a | - |
II. Public POCs for CVE-2020-3301
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-3301
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcua-statcred-weeCcZctvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2020-3301
Same Patch Batch · Cisco · 2020-05-06 · 35 CVEs total
| CVE-2020-3285 | Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability | |
| CVE-2020-3196 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS D | |
| CVE-2020-3246 | Cisco Umbrella Carriage Return Line Feed Injection Vulnerability | |
| CVE-2020-3253 | Cisco Firepower Threat Defense Software Shell Access Vulnerability | |
| CVE-2020-3254 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gat | |
| CVE-2020-3255 | Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability | |
| CVE-2020-3256 | Cisco Hosted Collaboration Mediation Fulfillment XML External Expansion Vulnerability | |
| CVE-2020-3259 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Servi | |
| CVE-2020-3283 | Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability | |
| CVE-2020-3195 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Pack | |
| CVE-2020-3298 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed | |
| CVE-2020-3302 | Cisco Firepower Management Center File Overwrite Vulnerability | |
| CVE-2020-3303 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Den | |
| CVE-2020-3305 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denia | |
| CVE-2020-3306 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Deni | |
| CVE-2020-3307 | Cisco Firepower Management Center Arbitrary Log File Write Vulnerability | |
| CVE-2020-3308 | Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability | |
| CVE-2020-3315 | Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability | |
| CVE-2020-3178 | Cisco Content Security Management Appliance Open Redirect Vulnerabilities | |
| CVE-2020-3179 | Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial o |
Showing top 20 of 35 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Cisco Firepower Management Center
- CVE-2025-20220
Cisco Secure Firewall Management Center和Cisco Secure Firewal - CVE-2025-20306
Cisco Secure Firewall Management Center Software Command Inj - CVE-2025-20302
Cisco Secure Firewall Management Center Software Authorizati - CVE-2025-20301
Cisco Secure Firewall Management Center Software Authorizati - CVE-2025-20265
Cisco Secure Firewall Management Center Software Radius Remo
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-798
- CVE-2026-7414
Hardcoded credentials in Yarbo robot firmware - CVE-2026-8032
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-cod - CVE-2026-32834
Easy PayPal Events & Tickets 1.3 Authentication Bypass via Q - CVE-2026-42376
D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials - CVE-2026-42375
D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials
V. Comments for CVE-2020-3301
No comments yet