204 matches found
CVE-2024-20355
CVE-2024-20355 affects Cisco ASA/FTD SAML SSO. The issue stems from improper separation of authorization domains, allowing an authenticated remote user to reuse a SAML token to access a tunnel group they are not authorized for, enabling a remote VPN session to secured networks behind the device. ...
CVE-2024-20361
A vulnerability in the Object Groups for Access Control Lists ACLs feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense FTD Software. This...
CVE-2024-20361
Cisco CVE-2024-20361 affects Firepower Management Center (FMC) Software, enabling an unauthenticated remote attacker to bypass access controls on managed Firepower Threat Defense (FTD) devices. The root cause is the incorrect deployment of the Object Groups for ACLs feature from FMC to FTD in hig...
CVE-2024-20261
A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a...
Cisco Firepower Management Center Software Object Group Access Control List Bypass Vulnerability
A vulnerability in the Object Groups for Access Control Lists ACLs feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense FTD Software. This...
CVE-2024-20359
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary code...
CVE-2024-20359
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary code...
CVE-2023-20275
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper...
Multiple Cisco Products Snort FTP Inspection Bypass (cisco-sa-snort-ftd-zXYtnjOM) (CSCwb69096)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...
CVE-2023-20264
A vulnerability in the implementation of Security Assertion Markup Language SAML 2.0 single sign-on SSO for remote access VPN in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to intercept the SAML...
CVE-2023-20031
A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs whe...
CVE-2023-20042
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an...
CVE-2023-20244
A vulnerability in the internal packet processing of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handli...
Design/Logic Flaw
A vulnerability in the interaction between the Server Message Block SMB protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service DoS conditi...
Race condition
A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to improper processing of ICMPv6 messages. A...
CVE-2023-20063 Cisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection Vulnerability
A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense FTD Software and devices that are running Cisco Firepower Management FMC Software could allow an authenticated, local attacker to execute arbitrary commands with root...
CVE-2023-20264
Cisco ASA/FTD SAML SSO implementation flaw allows an unauthenticated attacker to intercept a user’s SAML assertion during remote VPN authentication due to insufficient login URL validation. An attacker can entice a user to visit a site under the attacker’s control, modify the login URL, and use t...
CVE-2023-20031
The CVE-2023-20031 issue affects Cisco Firepower Threat Defense (FTD) with Snort 3, where a logic error in SSL/TLS certificate handling during SSL handshake under load can be exploited by a high rate of connection requests to cause the Snort 3 engine to reload. Consequences documented include pot...
CVE-2023-20270
CVE-2023-20270 concerns Cisco Firepower Threat Defense Software where the SMB protocol preprocessor and Snort 3 detection engine interaction is flawed due to improper error-checking when processing SMB traffic. An unauthenticated, remote attacker could send crafted SMB streams to bypass policies ...
CVE-2023-20244
CVE-2023-20244 affects Cisco Firepower Threat Defense (FTD) on Cisco Firepower 2100 Series, with vulnerable internal packet processing in the inspection engine. The issue allows an unauthenticated, remote attacker to trigger a DoS by sending crafted packets, potentially depleting all 9,472-byte b...