Cisco: Patch this critical firewall bug in Firepower Management Center


Cisco is urging customers to update its Firepower Management Center software, after users informed it of a critical bug that attackers could exploit over the internet. 





Like many Cisco bugs, the flaw was found in the web-based management interface of its software. The bug has a severity rating of 9.8 out of a possible 10, so admins should patch sooner rather than later.


The vulnerability is caused by a glitch in the way Cisco's software handles Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. Remote attackers could exploit the flaw by sending specially crafted HTTP requests to the device. 




Devices are vulnerable if they've been configured to authenticate users of the web interface through an external LDAP server. The networking company recommends that admins go to System > Users > External Authentication to check whether the device has been configured for external LDAP authentication.




How customers should remediate the issue will depend on which release of Firepower Management Center (FMC) they're running. There is no workaround, but hotfix patches are available for several new releases of FMC, and maintenance releases that address the flaw are scheduled for later this year.  


"Customers may install a fix either by upgrading to a fixed release or by installing a hotfix patch," Cisco notes. 




Cisco recommends that customers on FMC earlier than 6.1.0 – which is no longer supported – migrate to a supported version. However, there is a hotfix available. 


Customers on ..
