Cisco Security Risk Announced

by Robinson Roca
Practice Leader – Network Infrastructure

A dangerous vulnerability has been announced for the Cisco Firepower Management Center (FMC). It has a CVSS Score of Base 9.8, and a CVE designation of CVE-2019-16028.

This vulnerability only affects those using LDAP to authenticate Administrator access to the Cisco FMC. If LDAP is configured as an external authentication agent, or in other words, if Active Directory is used to authenticate access to the FMC then the FMC may be affected, and you need to evaluate the versions of FMC running in your environment.

An attacker taking advantage of this vulnerability could gain administrative access to the web-based management interface of the affected device by crafting HTTP packets and directing them at the FMC.

There are fixed versions of software, and upgrading is the permanent fix for this issue.

Helient subscribes to multiple vulnerability reports and informs our customers as soon as possible.

This vulnerability was published as of:  2020 January 22 16:00 GMT.

Helient is working to evaluate our Managed Services Clients as we speak. If you are not a Helient Managed Services customer, please reach out to us, we will be very happy to offer assistance.

More details can be found here: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth

However, if you would like more information or assistance from our industry-leading team of Cisco experts to plan and execute the work around, please contact us at service@helient.com.