A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view sensitive information. This vulnerability is due to insufficient validation of the XML syntax when importing a module. An attacker could exploit this vulnerability by supplying a specially crafted XML file to the function. A successful exploit could allow the attacker to read sensitive data that would normally not be revealed.
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Secure_firewall_management_center | Cisco | 6.1.0 (including) | 6.1.0 (including) |
| Secure_firewall_management_center | Cisco | 6.1.0.1 (including) | 6.1.0.1 (including) |
| Secure_firewall_management_center | Cisco | 6.1.0.2 (including) | 6.1.0.2 (including) |
| Secure_firewall_management_center | Cisco | 6.1.0.3 (including) | 6.1.0.3 (including) |
| Secure_firewall_management_center | Cisco | 6.1.0.4 (including) | 6.1.0.4 (including) |
| Secure_firewall_management_center | Cisco | 6.1.0.5 (including) | 6.1.0.5 (including) |
| Secure_firewall_management_center | Cisco | 6.1.0.6 (including) | 6.1.0.6 (including) |
| Secure_firewall_management_center | Cisco | 6.1.0.7 (including) | 6.1.0.7 (including) |
| Secure_firewall_management_center | Cisco | 6.2.0 (including) | 6.2.0 (including) |
| Secure_firewall_management_center | Cisco | 6.2.0.1 (including) | 6.2.0.1 (including) |
| Secure_firewall_management_center | Cisco | 6.2.0.2 (including) | 6.2.0.2 (including) |
| Secure_firewall_management_center | Cisco | 6.2.0.3 (including) | 6.2.0.3 (including) |
| Secure_firewall_management_center | Cisco | 6.2.0.4 (including) | 6.2.0.4 (including) |
| Secure_firewall_management_center | Cisco | 6.2.0.5 (including) | 6.2.0.5 (including) |
| Secure_firewall_management_center | Cisco | 6.2.0.6 (including) | 6.2.0.6 (including) |
| Secure_firewall_management_center | Cisco | 6.2.1 (including) | 6.2.1 (including) |
| Secure_firewall_management_center | Cisco | 6.2.2 (including) | 6.2.2 (including) |
| Secure_firewall_management_center | Cisco | 6.2.2.1 (including) | 6.2.2.1 (including) |
| Secure_firewall_management_center | Cisco | 6.2.2.2 (including) | 6.2.2.2 (including) |
| Secure_firewall_management_center | Cisco | 6.2.2.3 (including) | 6.2.2.3 (including) |
| Secure_firewall_management_center | Cisco | 6.2.2.4 (including) | 6.2.2.4 (including) |
| Secure_firewall_management_center | Cisco | 6.2.2.5 (including) | 6.2.2.5 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3 (including) | 6.2.3 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.1 (including) | 6.2.3.1 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.2 (including) | 6.2.3.2 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.3 (including) | 6.2.3.3 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.4 (including) | 6.2.3.4 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.5 (including) | 6.2.3.5 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.6 (including) | 6.2.3.6 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.7 (including) | 6.2.3.7 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.8 (including) | 6.2.3.8 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.9 (including) | 6.2.3.9 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.10 (including) | 6.2.3.10 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.11 (including) | 6.2.3.11 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.12 (including) | 6.2.3.12 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.13 (including) | 6.2.3.13 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.14 (including) | 6.2.3.14 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.15 (including) | 6.2.3.15 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.16 (including) | 6.2.3.16 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.17 (including) | 6.2.3.17 (including) |
| Secure_firewall_management_center | Cisco | 6.2.3.18 (including) | 6.2.3.18 (including) |
| Secure_firewall_management_center | Cisco | 6.3.0 (including) | 6.3.0 (including) |
| Secure_firewall_management_center | Cisco | 6.3.0.1 (including) | 6.3.0.1 (including) |
| Secure_firewall_management_center | Cisco | 6.3.0.2 (including) | 6.3.0.2 (including) |
| Secure_firewall_management_center | Cisco | 6.3.0.3 (including) | 6.3.0.3 (including) |
| Secure_firewall_management_center | Cisco | 6.3.0.4 (including) | 6.3.0.4 (including) |
| Secure_firewall_management_center | Cisco | 6.3.0.5 (including) | 6.3.0.5 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0 (including) | 6.4.0 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.1 (including) | 6.4.0.1 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.2 (including) | 6.4.0.2 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.3 (including) | 6.4.0.3 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.4 (including) | 6.4.0.4 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.5 (including) | 6.4.0.5 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.6 (including) | 6.4.0.6 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.7 (including) | 6.4.0.7 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.8 (including) | 6.4.0.8 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.9 (including) | 6.4.0.9 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.10 (including) | 6.4.0.10 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.11 (including) | 6.4.0.11 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.12 (including) | 6.4.0.12 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.13 (including) | 6.4.0.13 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.14 (including) | 6.4.0.14 (including) |
| Secure_firewall_management_center | Cisco | 6.4.0.15 (including) | 6.4.0.15 (including) |
| Secure_firewall_management_center | Cisco | 6.5.0 (including) | 6.5.0 (including) |
| Secure_firewall_management_center | Cisco | 6.5.0.1 (including) | 6.5.0.1 (including) |
| Secure_firewall_management_center | Cisco | 6.5.0.2 (including) | 6.5.0.2 (including) |
| Secure_firewall_management_center | Cisco | 6.5.0.3 (including) | 6.5.0.3 (including) |
| Secure_firewall_management_center | Cisco | 6.5.0.4 (including) | 6.5.0.4 (including) |
| Secure_firewall_management_center | Cisco | 6.5.0.5 (including) | 6.5.0.5 (including) |
| Secure_firewall_management_center | Cisco | 6.6.0 (including) | 6.6.0 (including) |
| Secure_firewall_management_center | Cisco | 6.6.0.1 (including) | 6.6.0.1 (including) |
| Secure_firewall_management_center | Cisco | 6.6.1 (including) | 6.6.1 (including) |
| Secure_firewall_management_center | Cisco | 6.6.3 (including) | 6.6.3 (including) |
| Secure_firewall_management_center | Cisco | 6.6.4 (including) | 6.6.4 (including) |
| Secure_firewall_management_center | Cisco | 6.6.5 (including) | 6.6.5 (including) |
| Secure_firewall_management_center | Cisco | 6.6.5.1 (including) | 6.6.5.1 (including) |
| Secure_firewall_management_center | Cisco | 6.6.5.2 (including) | 6.6.5.2 (including) |
| Secure_firewall_management_center | Cisco | 6.7.0 (including) | 6.7.0 (including) |
| Secure_firewall_management_center | Cisco | 6.7.0.1 (including) | 6.7.0.1 (including) |
| Secure_firewall_management_center | Cisco | 6.7.0.2 (including) | 6.7.0.2 (including) |
| Secure_firewall_management_center | Cisco | 6.7.0.3 (including) | 6.7.0.3 (including) |
| Secure_firewall_management_center | Cisco | 7.0.0 (including) | 7.0.0 (including) |
| Secure_firewall_management_center | Cisco | 7.0.0.1 (including) | 7.0.0.1 (including) |
| Secure_firewall_management_center | Cisco | 7.0.1 (including) | 7.0.1 (including) |
| Secure_firewall_management_center | Cisco | 7.0.1.1 (including) | 7.0.1.1 (including) |
| Secure_firewall_management_center | Cisco | 7.0.2 (including) | 7.0.2 (including) |
| Secure_firewall_management_center | Cisco | 7.0.2.1 (including) | 7.0.2.1 (including) |
| Secure_firewall_management_center | Cisco | 7.0.3 (including) | 7.0.3 (including) |
| Secure_firewall_management_center | Cisco | 7.0.4 (including) | 7.0.4 (including) |
| Secure_firewall_management_center | Cisco | 7.1.0 (including) | 7.1.0 (including) |
| Secure_firewall_management_center | Cisco | 7.1.0.1 (including) | 7.1.0.1 (including) |
| Secure_firewall_management_center | Cisco | 7.1.0.2 (including) | 7.1.0.2 (including) |