32 matches found
The vulnerability of the Cisco Firepower Extensible Operating System allows a hacker to inject any Web or HTML code.
The vulnerability of the Cisco Firepower Extensible Operating System’s web interface exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary Web or HTML code by entering special parameters remote...
The vulnerability of the Cisco Firepower Extensible Operating System allows a intruder to trigger a maintenance failure.
The vulnerability of the Cisco Firepower Extensible Operating System’s driver exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor, operating locally, to trigger a service failure using a pre-prepared USB device that transmits erroneous USB...
The vulnerability of the Cisco Firepower Extensible Operating System allows a perpetrator to gain access to the authentication data of arbitrary users.
The vulnerability of the Cisco Firepower Extensible Operating System is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication credentials of arbitrary users...
CVE-2015-6380
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.11.160 on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via crafted parameters, aka Bug ID CSCux10622...
Cisco Firepower 9000 Firepower Extensible Operating System File Read Vulnerability
The Cisco Firepower Extensible Operating System on Firepower 9000 is an operating system from Cisco that runs in the 9000 series firewall appliances. A security vulnerability in Cisco Firepower Extensible Operating System 1.1 1.160 on Cisco Firepower 9000 devices allows remote attackers to read...
CVE-2015-6370
The CVE-2015-6370 entry describes a local command-injection vulnerability in the Management I/O (MIO) CLI of Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices. The root cause is insufficient sanitization of user-supplied input in the CLI, allowing an authenticated l...
CVE-2015-6371
CVE-2015-6371 affects Cisco Firepower Extensible Operating System (FSO) 1.1(1.160) on Firepower 9000 devices. The issue arises from lack of input validation in parameters passed to certain user scripts, enabling remote authenticated users to read arbitrary files on the device via crafted script i...
CVE-2015-6369
The USB driver in Cisco Firepower Extensible Operating System 1.11.160 on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531...
CVE-2015-6369
The CVE-2015-6369 issue affects Cisco Firepower Extensible Operating System on Firepower 9000 devices (1.1(1.160)) via the USB driver. Root cause: insufficient sanitization of USB input parameters that allows a crafted USB device to trigger invalid kernel commands, enabling a local, unauthenticat...
CVE-2015-6373
CVE-2015-6373 affects Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices. Root cause: CSRF vulnerability due to lack of CSRF protection. Impact: remote attackers could hijack user authentication and perform unwanted actions. Exploitation details: described as unauthe...
Cisco Firepower 9000 Series Device Information Disclosure Vulnerability
Cisco Firepower Extensible Operating System on Firepower 9000 device is a set of operating systems from Cisco that run on 9000 series firewall devices. A security vulnerability exists in the Cisco Firepower Extensible Operating System version 1.1 1.86 on the Cisco Firepower 9000 device, which...
CVE-2015-4287
CVE-2015-4287 affects Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 9000 devices. The issue arises from improper authentication validation in the device’s web interface, allowing remote attackers to bypass access restrictions and obtain sensitive device information by visitin...