An attacker could exploit this vulnerability by performing a CAC-based authentication attempt to an affected system. The vulnerability is due to incorrect session invalidation during CAC authentication. The attacker must have a valid CAC to initiate the access attempt.
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system.
