Lucene search
K
CiscoFirepower Threat Defense

230 matches found

CVE
CVE
added 2024/11/15 3:36 p.m.7314 views

CVE-2022-20685

CVE-2022-20685 is a DoS vulnerability in the Snort Modbus preprocessor caused by an integer overflow when processing Modbus traffic. An unauthenticated, remote attacker could craft traffic to cause the Snort process to hang and halt traffic inspection. Cisco has released software updates addressi...

7.5CVSS7.7AI score0.01386EPSS
CVE
CVE
added 2021/12/10 12:0 a.m.6871 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wildWeb
CVE
CVE
added 2023/10/10 12:0 a.m.5308 views

CVE-2023-44487

CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...

7.5CVSS8AI score0.99999EPSS
In wild
CVE
CVE
added 2020/07/22 8:0 p.m.1530 views

CVE-2020-3452

CVE-2020-3452 affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) web services. The issue is due to improper input validation of URLs in HTTP requests, enabling unauthenticated, remote attackers to perform directory traversal and read files from the web services filesystem (enable...

7.5CVSS7.5AI score0.99992EPSS
In wildWeb
CVE
CVE
added 2018/06/07 12:0 p.m.1243 views

CVE-2018-0296

CVE-2018-0296 affects Cisco ASA and related FTD/FTD-based offerings, where an improper input validation of HTTP URLs in the web interface allows unauthenticated remote access to trigger DoS (device reload) or, on some releases, expose sensitive information via directory traversal. Public referenc...

7.5CVSS7.8AI score0.99903EPSS
In wildWeb
CVE
CVE
added 2020/10/21 6:40 p.m.1201 views

CVE-2020-3580

Cisco ASA/FTD web services suffer XSS due to insufficient input validation in the web UI, allowing unauthenticated, remote attackers to induce script execution or access browser data via crafted links. Affected products include Cisco ASA and FTD with specific AnyConnect/WebVPN configurations. Imp...

6.1CVSS6.4AI score0.85439EPSS
In wild
CVE
CVE
added 2023/09/06 5:9 p.m.1011 views

CVE-2023-20269

Cisco ASA/FTD remote access VPN vulnerability CVE-2023-20269 allows an unauthenticated, remote attacker to perform brute force against credentials or, for older releases (

9.1CVSS8.7AI score0.21583EPSS
In wild
CVE
CVE
added 2023/06/28 12:0 a.m.649 views

CVE-2023-20006

CVE-2023-20006 affects Cisco ASA/FTD on Cisco Firepower 2100 Series appliances, where the hardware SSL/TLS offload cryptography implementation error can cause an unauthenticated attacker to trigger a device reload and DoS. The root cause is an implementation flaw in hardware-based SSL/TLS process...

8.6CVSS7.5AI score0.00919EPSS
CVE
CVE
added 2025/09/25 4:12 p.m.643 views

CVE-2025-20333

CVE-2025-20333 affects Cisco Secure Firewall ASA/FTD VPN web server. The issue stems from improper validation of HTTP(S) input in VPN requests, allowing an authenticated remote attacker with VPN credentials to execute arbitrary code as root and potentially fully compromise the device. A related v...

9.9CVSS7.4AI score0.40391EPSS
In wild
CVE
CVE
added 2025/09/25 4:12 p.m.541 views

CVE-2025-20362

CVE-2025-20362 affects Cisco Secure Firewall ASA/FTD VPN web server. Root cause: improper validation of user-supplied input in HTTP(S) requests, allowing an unauthenticated remote attacker to access restricted VPN-related URL endpoints. Impact: potential DoS via unexpected reloads (and in some re...

8.6CVSS9AI score0.85543EPSS
In wild
CVE
CVE
added 2024/04/24 6:16 p.m.501 views

CVE-2024-20359

CVE-2024-20359 affects Cisco ASA and Cisco FTD. A legacy capability flaw allows an authenticated local attacker to exploit improper validation of a file read from flash memory by copying a crafted file to disk0:, enabling arbitrary code execution with root privileges after the next device reload....

6CVSS7.3AI score0.19434EPSS
In wild
CVE
CVE
added 2024/04/24 6:15 p.m.470 views

CVE-2024-20353

CVE-2024-20353 affects Cisco ASA/FTD Web Services. The vulnerability stems from incomplete error checking when parsing HTTP headers, allowing an unauthenticated remote attacker to trigger a reload and cause a DoS. Exploitation is referenced by multiple sources, including CISA’s Known Exploited Vu...

8.6CVSS8.4AI score0.70686EPSS
In wild
CVE
CVE
added 2020/05/06 4:41 p.m.378 views

CVE-2020-3187

Cisco ASA/FTD web services interface (Cisco ASA Software and Cisco Firepower Threat Defense) is vulnerable to CVE-2020-3187 via directory traversal. The authenticated or unauthenticated attacker can craft HTTP requests (e.g., to /+CSCOE+/session_password.html) to view and delete files within the ...

9.1CVSS8.9AI score0.96595EPSS
In wildWeb
CVE
CVE
added 2018/01/29 8:0 p.m.366 views

CVE-2018-0101

CVE-2018-0101 concerns Cisco ASA webvpn: a double-free in the webvpn component can allow an unauthenticated remote attacker to trigger a reload or execute arbitrary code by sending crafted XML packets to a webvpn-configured interface. Public PoCs and PoC sources exist (exploit-db, GitHub), illust...

10CVSS9.6AI score0.87138EPSS
CVE
CVE
added 2020/05/06 4:41 p.m.351 views

CVE-2020-3259

CVE-2020-3259 is Cisco ASA/FTD Web Services Information Disclosure: an unauthenticated attacker could retrieve memory contents via crafted GET requests due to a buffer-tracking issue, with impact limited to specific AnyConnect/WebVPN configurations. Cisco and CVE listings confirm information disc...

7.5CVSS7.7AI score0.71789EPSS
In wild
CVE
CVE
added 2022/05/03 3:15 a.m.258 views

CVE-2022-20759

Cisco ASA and Firepower Threat Defense (FTD) web services interface for remote access VPN features contains a privilege-escalation flaw due to improper separation of authentication and authorization scopes. An authenticated but unprivileged remote attacker can send crafted HTTPS requests to the w...

8.8CVSS8.9AI score0.28369EPSS
CVE
CVE
added 2021/01/13 9:16 p.m.203 views

CVE-2021-1223

CVE-2021-1223 affects Cisco products with the Snort detection engine, where incorrect handling of HTTP range header (per Cisco/NVD wording) could allow an unauthenticated, remote attacker to bypass a configured HTTP file policy and deliver a malicious payload by sending crafted HTTP packets throu...

7.5CVSS6.5AI score0.01985EPSS
CVE
CVE
added 2023/12/12 6:6 p.m.203 views

CVE-2023-20275

CVE-2023-20275 affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software, specifically the AnyConnect SSL VPN feature. The root cause is improper validation of the inner source IP address after decryption, allowing an authenticated, remote attacker to send packets that appear t...

4.3CVSS4.6AI score0.00412EPSS
CVE
CVE
added 2022/05/03 3:15 a.m.165 views

CVE-2022-20746

Cisco Firepower Threat Defense (FTD) Software TCP proxy can be DoSed by an unauthenticated, remote attacker via a crafted TCP stream due to improper handling of TCP flows. Impact is device reload leading to availability loss. Cisco and third-party advisories (Cisco Security Advisory, Nessus plugi...

8.6CVSS7.9AI score0.01257EPSS
CVE
CVE
added 2021/01/13 9:16 p.m.148 views

CVE-2021-1224

CVE-2021-1224 affects Cisco products via a TCP Fast Open (TFO) related bypass of HTTP file policies when used with Snort. The vulnerability arises from incorrect detection of HTTP payloads that are partially contained in the TFO handshake, enabling an unauthenticated, remote attacker to deliver a...

5.8CVSS5.7AI score0.02005EPSS
CVE
CVE
added 2025/09/25 4:12 p.m.148 views

CVE-2025-20363

CVE-2025-20363 affects Cisco Secure Firewall ASA/FTD web services and several Cisco IOS families. The issue arises from improper validation of user-supplied input in HTTP requests, allowing an unauthenticated remote attacker (ASA/FTD) or an authenticated, low-privilege remote attacker (IOS/IOS XE...

9CVSS7.2AI score0.0752EPSS
In wild
CVE
CVE
added 2022/05/03 3:15 a.m.145 views

CVE-2022-20757

Cisco Firepower Threat Defense (FTD) Software contains a DoS vulnerability where a high-rate UDP flood exploits improper traffic handling once platform limits are reached, causing all new connections to be dropped. This is an unauthenticated, remote attack described in multiple sources (Cisco adv...

8.6CVSS7.9AI score0.01166EPSS
CVE
CVE
added 2024/10/23 5:36 p.m.144 views

CVE-2024-20407

Cisco Firepower Threat Defense (FTD) Software contains a vulnerability in the interaction between the TCP Intercept feature and Snort 3 detection engine that could allow an unauthenticated, remote attacker to bypass configured policies and inject unintended traffic through an affected device. The...

5.8CVSS5.7AI score0.00391EPSS
CVE
CVE
added 2022/05/03 3:16 a.m.136 views

CVE-2022-20715

The CVE-2022-20715 issue affects Cisco ASA and Cisco FTD remote access SSL VPN. Affected components are the remote access VPN error handling related to client connections; improper validation of errors could allow an unauthenticated, remote attacker to trigger a restart and DoS by sending crafted...

8.6CVSS8.5AI score0.01256EPSS
CVE
CVE
added 2022/05/03 3:15 a.m.136 views

CVE-2022-20760

The CVE-2022-20760 entry concerns Cisco ASA Software and Firepower Threat Defense (FTD) DNS inspection handler. The vulnerability arises from improper processing of incoming DNS requests, enabling an unauthenticated, remote attacker to trigger a denial-of-service condition by sending crafted DNS ...

8.6CVSS7.8AI score0.0149EPSS
CVE
CVE
added 2022/05/03 3:16 a.m.128 views

CVE-2022-20729

Cisco Firepower Threat Defense (FTD) Software CLI is affected by an XML injection vulnerability due to insufficient input validation in the command parser. An authenticated, local attacker could supply crafted input to inject XML, potentially causing unexpected command processing and output. Cisc...

7.8CVSS5.9AI score0.00257EPSS
CVE
CVE
added 2022/04/21 6:50 p.m.128 views

CVE-2022-20795

The CVE-2022-20795 issue affects Cisco ASA/FTD DTLS handling during AnyConnect SSL VPN, where suboptimal DTLS tunnel processing can be exploited by an unauthenticated remote attacker to cause high CPU utilization and a DoS. Affected software runs DTLS as part of establishing VPN tunnels; payload ...

7.5CVSS6.4AI score0.00685EPSS
CVE
CVE
added 2022/05/03 3:15 a.m.126 views

CVE-2022-20767

CVE-2022-20767 describes a DoS vulnerability in Cisco Firepower Threat Defense (FTD) software due to improper handling of the DNS reputation enforcement rule in the Snort 3 evaluation. An unauthenticated, remote attacker could send crafted UDP packets through an affected device to cause a buildup...

8.6CVSS7.7AI score0.0156EPSS
CVE
CVE
added 2023/03/23 12:0 a.m.126 views

CVE-2023-20081

CVE-2023-20081 affects Cisco ASA, FTD, IOS, and IOS XE IPv6 DHCP (DHCPv6) client. Root cause: insufficient validation of DHCPv6 messages in the client module, enabling an unauthenticated remote attacker to trigger a device reload and cause a DoS. Exploitation requires control of the DHCPv6 server...

6.8CVSS6.2AI score0.00678EPSS
CVE
CVE
added 2022/05/03 3:16 a.m.125 views

CVE-2022-20742

Cisco ASA Software and Firepower Threat Defense (FTD) Software contain an IPsec IKEv2 VPN information disclosure vulnerability (CVE-2022-20742) due to improper GCM cipher implementation. An unauthenticated, remote attacker in a man-in-the-middle position can intercept encrypted messages across an...

7.4CVSS7.2AI score0.00425EPSS
CVE
CVE
added 2022/11/10 5:30 p.m.125 views

CVE-2022-20927

CVE-2022-20927 affects Cisco ASA and Cisco FTD SSL/TLS client software. The issue stems from improper memory management when the device initiates SSL/TLS connections, enabling an authenticated, remote attacker to provoke an unexpected reload and DoS by ensuring the device connects to an SSL/TLS s...

7.7CVSS6.4AI score0.00495EPSS
CVE
CVE
added 2022/05/03 3:15 a.m.124 views

CVE-2022-20745

CVE-2022-20745 affects Cisco ASA (ASAs) and Cisco Firepower Threat Defense (FTD) web services interface for remote access VPN. Root cause: improper input validation when parsing HTTPS requests, allowing unauthenticated remote attackers to trigger a reload and DoS. Affected products include ASA/FT...

8.6CVSS7.9AI score0.01385EPSS
CVE
CVE
added 2023/03/23 12:0 a.m.124 views

CVE-2023-20107

Cisco CVE-2023-20107 affects Cisco ASA (5506-X, 5508-X, 5516-X) ASA Software and Cisco FTD Software due to insufficient entropy in the deterministic random bit generator (DRBG/PRNG) used for cryptographic key generation. The root cause is low entropy in DRBG on affected hardware, enabling an unau...

7.5CVSS5.6AI score0.00717EPSS
CVE
CVE
added 2021/10/27 6:56 p.m.122 views

CVE-2021-40114

CVE-2021-40114 affects multiple Cisco products via the Snort detection engine’s ICMP processing, causing DoS from improper memory/resource management when handling ICMP packets. Root cause: memory/resource management flaw in ICMP packet processing. Impact: unauthenticated remote DoS, potentially ...

7.8CVSS6.9AI score0.02367EPSS
CVE
CVE
added 2022/08/10 4:20 p.m.117 views

CVE-2022-20713

CVE-2022-20713 affects Cisco ASA/FTD VPN web client services. Root cause: improper input validation sent to the VPN web client, enabling an unauthenticated user to trigger browser-based attacks (e.g., cross-site scripting) by persuading a user to visit a crafted site. Impact is browser-executable...

6.1CVSS6.4AI score0.01302EPSS
CVE
CVE
added 2020/10/21 6:40 p.m.116 views

CVE-2020-3578

CVE-2020-3578 affects Cisco ASA and Cisco Firepower Threat Defense (FTD) web services interface. The issue is an insufficient validation of URLs in portal access rules, enabling an unauthenticated, remote attacker to bypass a configured access rule and reach parts of the WebVPN portal that should...

6.5CVSS5.8AI score0.01217EPSS
CVE
CVE
added 2023/11/01 5:14 p.m.115 views

CVE-2023-20095

The CVE-2023-20095 issue affects Cisco ASA and Cisco Firepower Threat Defense (FTD) remote access VPN. The root cause is improper handling of HTTPS requests, allowing an unauthenticated remote attacker to trigger resource exhaustion and a DoS on affected devices. Connected sources confirm this vu...

8.6CVSS8.3AI score0.0064EPSS
CVE
CVE
added 2020/10/21 6:41 p.m.111 views

CVE-2020-3563

CVE-2020-3563 affects Cisco Firepower Threat Defense (FTD) Software. The vulnerability stems from inefficient memory management in the packet-processing path, enabling an unauthenticated, remote attacker to perform a TCP flood by sending many TCP packets to a specific port. This can exhaust syste...

8.6CVSS8.4AI score0.01398EPSS
CVE
CVE
added 2020/10/21 6:35 p.m.109 views

CVE-2020-3529

The CVE-2020-3529 issue affects Cisco ** ASA** and FTD software. It is a vulnerability in the SSL VPN negotiation process caused by inefficient direct memory access (DMA) memory management during SSL VPN negotiation. An unauthenticated, remote attacker could send a steady stream of crafted DTLS t...

8.6CVSS7.9AI score0.01833EPSS
CVE
CVE
added 2020/10/21 6:36 p.m.109 views

CVE-2020-3582

CVE-2020-3582 involves multiple XSS vulnerabilities in the web services interface of Cisco ASA and Firepower Threat Defense (FTD) software. The root cause is insufficient validation of user-supplied input in the device’s web interface, allowing an unauthenticated, remote attacker to persuade a us...

6.1CVSS6.1AI score0.01145EPSS
CVE
CVE
added 2022/11/10 5:31 p.m.109 views

CVE-2022-20826

CVE-2022-20826 affects Cisco Secure Firewalls 3100 Series running ASA or FTD software. Root cause is a logic error in the secure boot boot process, enabling an unauthenticated attacker with physical access to bypass secure boot, inject code at a specific memory location, and execute persistent co...

6.8CVSS6.7AI score0.00323EPSS
CVE
CVE
added 2020/02/26 4:51 p.m.107 views

CVE-2020-3166

CVE-2020-3166 : Cisco FXOS Software contains a CLI input validation flaw in the FXOS CLI command path that allows an authenticated, local attacker to read or write arbitrary files on the OS. The issue is triggered by crafted arguments to a specific CLI command, enabling partial to high impact on ...

6.7CVSS5.1AI score0.00285EPSS
CVE
CVE
added 2022/11/10 5:29 p.m.107 views

CVE-2022-20947

CVE-2022-20947 affects Cisco ASA and Firepower Threat Defense (FTD) software via the Dynamic Access Policies (DAP) feature. The root cause is improper processing of HostScan data from the Posture module, allowing an unauthenticated, remote attacker to cause an affected device to reload and suffer...

8.6CVSS7.5AI score0.00866EPSS
CVE
CVE
added 2022/08/10 4:20 p.m.106 views

CVE-2022-20866

CVE-2022-20866 is a Cisco RSA private-key leakage flaw affecting Cisco ASA/FTD software due to a logic error in in-memory RSA key handling on hardware crypto platforms. An unauthenticated, remote attacker could perform a Lenstra side-channel attack to recover private keys, potentially impersonate...

7.5CVSS7.6AI score0.16647EPSS
CVE
CVE
added 2023/11/01 5:16 p.m.106 views

CVE-2023-20083

CVE-2023-20083 affects Cisco Firepower Threat Defense (FTD) Software in ICMPv6 inspection when Snort 2 is enabled. The flaw stems from improper error checking while parsing ICMPv6 header fields, allowing an unauthenticated remote attacker to trigger CPU exhaustion (up to 100%) and cause a DoS by ...

8.6CVSS8.4AI score0.00693EPSS
CVE
CVE
added 2018/04/19 8:0 p.m.105 views

CVE-2018-0230

Cisco Firepower 2100 Series appliances running FTD 6.2.1–6.2.2 are vulnerable due to improper validation of fragmented IPv4/IPv6 packets after reassembly in the internal packet-processing path, causing Snort processes to reach 100% CPU and a DoS. Exploitation requires sending malicious fragmented...

8.6CVSS8.4AI score0.0184EPSS
CVE
CVE
added 2020/10/21 6:25 p.m.103 views

CVE-2020-3299

CVE-2020-3299 affects multiple Cisco products via the Snort detection engine, where incorrect handling of modified HTTP packets in chunked responses can bypass an HTTP File Policy. The attack would require sending crafted HTTP requests through an affected device to bypass policy and deliver a pay...

5.8CVSS5.9AI score0.02279EPSS
CVE
CVE
added 2020/10/21 6:41 p.m.103 views

CVE-2020-3554

CVE-2020-3554 affects Cisco ASA and FTD TCP packet processing due to a memory exhaustion condition, allowing unauthenticated remote DoS via high-rate crafted TCP traffic. Real-world impact per sources: potential exhaustion of device resources and DoS for transit traffic. Connected advisories conf...

8.6CVSS7.5AI score0.02633EPSS
CVE
CVE
added 2020/10/21 6:35 p.m.102 views

CVE-2020-3528

CVE-2020-3528 describes a DoS vulnerability in the OSPFv2 implementation of Cisco ASA and Firepower Threat Defense (FTD) software. The issue arises from incomplete input validation when processing certain OSPFv2 packets with Link-Local Signaling (LLS) data, which could allow an unauthenticated, r...

8.6CVSS8AI score0.01415EPSS
CVE
CVE
added 2022/05/03 3:15 a.m.102 views

CVE-2022-20748

Cisco Firepower Threat Defense (FTD) Software contains a vulnerability in the local malware analysis process caused by insufficient error handling. An unauthenticated, remote attacker can trigger a DoS by sending a crafted file, crashing the local malware analysis process. Cisco’s advisory notes ...

5.3CVSS5.3AI score0.01206EPSS
Total number of security vulnerabilities230