CVE-2023-20155
Summary
A vulnerability in the logging API of Cisco Firepower Management Center (FMC) Software allows an unauthenticated, remote attacker to cause a denial of service or an unexpected reload of the device. An attacker with valid user credentials but without administrator privileges can also access restricted system log files. The vulnerability stems from a lack of rate limiting on requests sent to the API.
IFF Assessment
FOE
This vulnerability allows for denial of service and unauthorized access to sensitive information, posing a direct threat to defenders.
Severity
7.5 (High)
Defender Context
This high-severity vulnerability in Cisco Firepower Management Center requires immediate attention from defenders. Organizations should prioritize patching to prevent denial-of-service attacks and potential data exposure through unauthorized log access.