Symptom
This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2023-51385 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
The affected third-party software component has been upgraded to a version that includes fixes for the vulnerability. This vulnerability will not affect future versions of the product(s).
Conditions
All Firepower Platforms (1xxx, 2xxx, 3xxx, 41xxx, 93xx)
FXOS version: 2.10, 2.11, 2.12, 2.13, 2.14, 2.16, 2.6
Device with default configuration.
Workaround
Not available or not applicable.
Further Problem Description
Additional details about the vulnerabilities listed above can be found at https://www.cve.org/
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 3.1 score.
The Base CVSS score as of the time of evaluation is 3.9:
https://sec.cloudapps.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE ID CVE-2023-51385 have been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be
found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Contact TAC to find out fixed versions.
