The multinational company Cisco Systems encourages them customers to upgrade Firepower Management Center software due to a serious one error that was detected and that hackers could exploit through it Internet.
The error was found (like many other Cisco errors) in the web interface management (web-based management interface) of its software. This error is so serious that administrators should do it information as soon as possible without delay. The vulnerability detected is caused by an error in how Cisco software handles issues authentication of Lightweight Directory Access Protocol (LDAP) from an external server authentication. The hackers could exploit the error by sending specially processed HTTP requests to the device.
The Appliances that are configured to certify users of the web interface via an external LDAP server are vulnerable. Cisco recommends that administrators go to "System> Users> External Authentication" to see if it is configured for external LDAP authentication.
The way customers will fix it problem will depend on the version of the Firepower Management Center (FMC) they have.
There is no permanent one solution, but some patches for most newer versions of the FMC, and maintenance versions that address the error are also scheduled.
According to Cisco, this error detected does not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense Software.
This critical FMC error follows recent updates available to troubleshoot three serious errors that affect Cisco Data Center Network Manager software (DCNM).
Finally, Cisco claims to know nothing malicious use of errors despite the fact that the expert who undertook the examination of the error stated that the error had issued a proof-of-concept exploit code.