204 matches found
Design/Logic Flaw
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to insufficient error handling in the local malware...
Design/Logic Flaw
A vulnerability in the connection handling function in Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are...
CVE-2022-20729
Cisco Firepower Threat Defense (FTD) Software CLI is affected by an XML injection vulnerability due to insufficient input validation in the command parser. An authenticated, local attacker could supply crafted input to inject XML, potentially causing unexpected command processing and output. Cisc...
CVE-2022-20760 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability
A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service condition DoS on an affected device. This vulnerability is due to a lack of proper...
CVE-2022-20757
Cisco Firepower Threat Defense (FTD) Software contains a DoS vulnerability where a high-rate UDP flood exploits improper traffic handling once platform limits are reached, causing all new connections to be dropped. This is an unauthenticated, remote attack described in multiple sources (Cisco adv...
CVE-2022-20746
Cisco Firepower Threat Defense (FTD) Software TCP proxy can be DoSed by an unauthenticated, remote attacker via a crafted TCP stream due to improper handling of TCP flows. Impact is device reload leading to availability loss. Cisco and third-party advisories (Cisco Security Advisory, Nessus plugi...
CVE-2022-20745 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to...
Cisco Firepower Threat Defense AnyConnect SSL VPN DoS (cisco-sa-vpndtls-dos-TunzLEV)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability in the implementation of the Datagram TLS DTLS protocol that could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service DoS condition. This vulnerability ...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability
A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service condition DoS on an affected device. This vulnerability is due to a lack of proper...
Race condition
A vulnerability in the implementation of the Datagram TLS DTLS protocol in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service DoS condition...
CVE-2022-20795 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability
A vulnerability in the implementation of the Datagram TLS DTLS protocol in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service DoS condition...
Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerabilities
According to its self-reported version, Cisco FTD Software is affected by multiple vulnerabilities as referenced in the cisco-sa-fmc-infodisc-Ft2WVmNU advisory. Multiple information disclosure vulnerabilities exist in the web-based GUI of Cisco Firepower Management Center FMC. An authenticated,...
Cisco Firepower Threat Defense Software CLI Arbitrary File Write (cisco-sa-ftd-file-write-SHVcmQVc)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability due to incomplete validation of user input for a specific CLI command. An authenticated, local attacker can exploit this, by authenticating to the device with administrative privileges, in order to overwrite...
CVE-2021-34781
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...
CVE-2021-34790
Multiple vulnerabilities in the Application Level Gateway ALG for the Network Address Translation NAT feature of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized...
CVE-2021-34783
A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This...
Input validation
A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This...
Design/Logic Flaw
Multiple vulnerabilities in the Application Level Gateway ALG for the Network Address Translation NAT feature of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized...
Design/Logic Flaw
A vulnerability in the memory management of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper resource...
CVE-2021-34793 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service DoS vulnerability. This...