Not the first major vuln in FMC
Cisco Secure FMC (formerly Firepower Management Center) manages critical Cisco network security solutions. It provides complete and unified management over firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection. It oversees a number of Cisco products. However, the vendor has confirmed that this vulnerability does not affect Cisco Secure Firewall Adaptive Security Appliance (ASA) Software or Cisco Secure Firewall Threat Defense (FTD) Software.
Secure FMC also integrates with VMware’s vSphere platform, and the VMware ESXi and Microsoft Hyper-V hypervisors, and, depending on the version, can act as a management centre for cloud platforms including Amazon AWS, Google GCP, Microsoft Azure, Oracle OCI and on-premises private clouds.
This is not the first vulnerability to affect Cisco Secure FMC release 7.0.7, Beggs pointed out. Previous reports of other high severity issues including some causing denial of service, with CVSS scores ranging from 7.7 to 8.6. When those vulnerabilities were identified, Cisco recommended that users upgrade to newer versions, he said, which fixed those vulnerabilities.
