CVE-2021-34751— Cisco Firepower Management Center 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2021-34751の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device. This vulnerability exists because of improper encryption of sensitive information stored within the GUI configuration manager. An attacker could exploit this vulnerability by logging into the GUI of Cisco FMC Software and navigating to certain sensitive configurations. A successful exploit could allow the attacker to view sensitive configuration parameters in clear text.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.[[Publication_URL{Layout()}]]This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see .
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
在GUI中的明文存储
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Cisco Firepower Management Center 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Cisco Firepower Management Center(FMC)是美国思科(Cisco)公司的新一代防火墙管理中心软件。 Cisco Firepower Management Center Software 存在安全漏洞,该漏洞源于 GUI 配置管理器中存储的敏感信息的加密不当。攻击者可以通过登录 Cisco FMC 软件的 GUI 并导航到某些敏感配置来利用这些漏洞。成功的利用可能允许攻击者以明文形式查看敏感的配置参数。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Cisco | Cisco Firepower Management Center | N/A | - |
II. CVE-2021-34751の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2021-34751のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Cisco · 2024-11-15 · 50 CVEs total
| CVE-2023-20036 | 9.9 CRITICAL | Cisco Industrial Network Director Command Injection Vulnerability |
| CVE-2023-20154 | 9.1 CRITICAL | Cisco Modeling Labs External Authentication Bypass Vulnerability |
| CVE-2022-20655 | 8.8 HIGH | Cisco 多款产品操作系统命令注入漏洞 |
| CVE-2023-20125 | 8.6 HIGH | Cisco BroadWorks Network Server TCP Denial of Service Vulnerability |
| CVE-2022-20649 | 8.1 HIGH | Cisco Redundancy Configuration Manager Debug Remote Code Execution Vulnerability |
| CVE-2022-20685 | 7.5 HIGH | Multiple Cisco Products Snort Modbus Denial of Service Vulnerability |
| CVE-2022-20853 | 7.4 HIGH | Cisco Expressway Series and Cisco TelePresence VCS Cross-Site Request Forgery Vulnerabilit |
| CVE-2022-20814 | 7.4 HIGH | Cisco Expressway Series and Cisco TelePresence VCS Improper Certificate Validation Vulnera |
| CVE-2022-20793 | 6.8 MEDIUM | Cisco Touch 10 Device Insufficient Identity Verification Vulnerability |
| CVE-2023-20090 | 6.7 MEDIUM | Cisco TelePresence Collaboration Endpoint and RoomOS Software Privilege Escalation Vulnera |
| CVE-2021-34752 | 6.7 MEDIUM | Cisco Firepower Threat Defense Command Injection Vulnerabilities |
| CVE-2022-20652 | 6.5 MEDIUM | Cisco Tetration Command Injection Vulnerability |
| CVE-2021-1484 | 6.5 MEDIUM | Cisco SD-WAN vManage Command Injection Vulnerability |
| CVE-2022-20931 | 6.5 MEDIUM | Cisco Touch 10 Device Downgrade Attack Vulnerability |
| CVE-2022-20656 | 6.5 MEDIUM | Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Path Traversal V |
| CVE-2021-1483 | 6.4 MEDIUM | Cisco SD-WAN vManage Software XML External Entity Vulnerability |
| CVE-2021-1482 | 6.4 MEDIUM | Cisco SD-WAN vManage Authorization Bypass Vulnerability |
| CVE-2022-20871 | 6.3 MEDIUM | Cisco Secure Web Appliance Privilege Escalation Vulnerability |
| CVE-2022-20849 | 6.1 MEDIUM | Cisco IOS XR Software Broadband Network Gateway PPPoE Denial of Service Vulnerability |
| CVE-2022-20657 | 6.1 MEDIUM | Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Cross-Site Scrip |
Showing 20 of 50 CVEs. View all on vendor page →
IV. 関連脆弱性
- CVE-2025-20220
Cisco Secure Firewall Management Center和Cisco Secure Firewal - CVE-2025-20306
Cisco Secure Firewall Management Center Software Command Inj - CVE-2025-20302
Cisco Secure Firewall Management Center Software Authorizati - CVE-2025-20301
Cisco Secure Firewall Management Center Software Authorizati - CVE-2025-20265
Cisco Secure Firewall Management Center Software Radius Remo
同じベンダー: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
同じ弱点: CWE-317
V. CVE-2021-34751へのコメント
まだコメントはありません