2 matches found
Cisco Firepower Device Manager On-Box Software XML Parsing (cisco-sa-xpftd-gYDXyN8H)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software. An authenticated, remote attacker can exploit this in multiple ways using a malicious file in order to crash the...
CVE-2020-3310
CVE-2020-3310 relates to Cisco Firepower Device Manager On-Box software where an XML parser in the On-Box component can be overwhelmed by a crafted XML file. An authenticated attacker (with admin rights or SSL VPN access) could cause the XML parser to crash, leading to system instability, memory ...