CVE-2023-20206
Summary
Multiple vulnerabilities exist in Cisco Firepower Management Center (FMC) Software's web interface, allowing unauthenticated remote attackers to perform stored cross-site scripting (XSS) attacks. These flaws stem from inadequate input validation and could enable attackers to execute arbitrary script code or access sensitive browser information, potentially impacting the FMC Dashboard's availability.
IFF Assessment
The article details vulnerabilities that can be exploited by attackers, posing a direct threat to systems and data.
Severity
Defender Context
This vulnerability in Cisco FMC Software's web interface is critical as it allows for stored XSS attacks by unauthenticated remote attackers. Defenders should prioritize patching or updating affected FMC software to mitigate the risk of script execution and unauthorized data access.