2 matches found
Cisco Firepower Threat Defense Device Manager Web UI Request Handling Arbitrary Log Entry Injection (cisco-sa-20170201-fpw2)
According to its version and configuration, the Cisco Firepower Threat Defense FTD software installed on the remote device is affected by an arbitrary log entry injection vulnerability in the Firepower Device Manager FDM due to improper validation of user-supplied input. An unauthenticated, remot...
CVE-2017-3822
CVE-2017-3822 describes an unauthenticated remote vulnerability in the logging subsystem of Cisco Firepower Threat Defense (FTD) when FDM (Firepower Device Manager) is enabled. The issue allows an attacker to add arbitrary entries to the audit log due to inadequate input validation in the FDM web...