Lucene search
K
CiscoFirepower Management Center

9 matches found

CVE
CVE
added 2024/10/23 5:34 p.m.60 views

CVE-2024-20387

CVE-2024-20387 affects Cisco FMC Software (Web-based management interface). The issue is due to improper input sanitization, enabling an authenticated, remote attacker to store malicious content for stored XSS by persuading a user to click a malicious link. Impact is stored XSS on the affected de...

5.4CVSS5.2AI score0.00301EPSS
CVE
CVE
added 2024/10/23 5:38 p.m.58 views

CVE-2024-20410

Cisco Firepower Management Center (FMC) web-based management interface is affected by a cross-site scripting (XSS) vulnerability due to insufficient input validation. The issue allows an unauthenticated, remote attacker to craft input in interface data fields that could execute arbitrary script c...

6.1CVSS5.3AI score0.00301EPSS
CVE
CVE
added 2024/10/23 5:35 p.m.56 views

CVE-2024-20388

Cisco Firepower Management Center (FMC) password-change flow is vulnerable due to improper authentication of password update responses. An unauthenticated, remote attacker could force a password reset and potentially enumerate valid usernames from the unauthenticated response. Affected product: F...

5.3CVSS5.6AI score0.00441EPSS
CVE
CVE
added 2024/10/23 5:46 p.m.56 views

CVE-2024-20415

Cisco Firepower Management Center (FMC) web interface suffers reflected XSS due to insufficient validation of user-supplied input. Affected component is the web-based management UI; exploitation by an unauthenticated, remote attacker could run arbitrary script code in the interface context or acc...

6.1CVSS5AI score0.00301EPSS
CVE
CVE
added 2024/10/23 5:30 p.m.53 views

CVE-2024-20379

Cisco Secure Firewall Management Center (FMC) Software contains a vulnerability in its web-based management interface that could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. The issue arises from improper validation of user-supplied input; ...

6.5CVSS6.3AI score0.00615EPSS
CVE
CVE
added 2024/10/23 5:38 p.m.53 views

CVE-2024-20409

CVE-2024-20409 affects Cisco Firepower Management Center (FMC) Web UI. The issue is insufficient validation of user-supplied input in the web-based management interface, enabling an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack by inserting crafted input into int...

6.1CVSS5AI score0.00301EPSS
CVE
CVE
added 2024/10/23 5:33 p.m.49 views

CVE-2024-20386

The CVE-2024-20386 entry describes stored XSS in the web-based management interface of Cisco Firepower Management Center (FMC) Software due to insufficient validation of user-supplied input. An unauthenticated, remote attacker could inject crafted input into interface data fields to execute scrip...

6.1CVSS5AI score0.00366EPSS
CVE
CVE
added 2024/10/23 5:36 p.m.49 views

CVE-2024-20403

CVE-2024-20403 affects Cisco Firepower Management Center (FMC) Software, specifically its web-based management interface. Root cause: insufficient validation of user-supplied input in the interface, enabling a cross-site scripting (XSS) attack. Impact: an authenticated remote attacker could execu...

5.4CVSS5AI score0.00285EPSS
CVE
CVE
added 2024/10/23 5:29 p.m.48 views

CVE-2024-20372

Cisco Firepower Management Center (FMC) faces CVE-2024-20372: an unauthenticated, remote attacker can exploit a stored XSS via the web-based management interface due to insufficient input validation. Affected component is the FMC web UI; exploit could run arbitrary script in the interface context...

6.1CVSS5.9AI score0.00379EPSS