The version of Cisco Firepower Management Center installed on the remote host is prior to tested version. It is, therefore, affected by insufficient validation of user-supplied parameters for certain API endpoints. An attacker could exploit these vulnerabilities by sending crafted input to an affected API endpoint. A successful exploit could allow an attacker to execute arbitrary commands on the device with low system privileges.

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More