Lucene search

K
CiscoFirepower Threat Defense7.1.0

30 matches found

CVE
CVE
added 2021/12/10 10:15 a.m.5638 views

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message ...

10CVSS10AI score0.94358EPSS
CVE
CVE
added 2023/09/06 6:15 p.m.848 views

CVE-2023-20269

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations o...

9.1CVSS8.7AI score0.00226EPSS
CVE
CVE
added 2024/04/24 7:15 p.m.433 views

CVE-2024-20359

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code...

6CVSS7.3AI score0.00105EPSS
CVE
CVE
added 2024/04/24 7:15 p.m.393 views

CVE-2024-20353

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. ...

8.6CVSS8.4AI score0.1227EPSS
CVE
CVE
added 2022/05/03 4:15 a.m.241 views

CVE-2022-20759

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is...

8.8CVSS8.9AI score0.0613EPSS
CVE
CVE
added 2023/12/12 6:15 p.m.187 views

CVE-2023-20275

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper vali...

4.3CVSS4.6AI score0.00078EPSS
CVE
CVE
added 2022/05/03 4:15 a.m.152 views

CVE-2022-20746

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability b...

8.6CVSS7.9AI score0.00912EPSS
CVE
CVE
added 2022/05/03 4:15 a.m.131 views

CVE-2022-20757

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are re...

8.6CVSS7.9AI score0.01227EPSS
CVE
CVE
added 2022/05/03 4:15 a.m.114 views

CVE-2022-20760

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of pr...

8.6CVSS7.8AI score0.02573EPSS
CVE
CVE
added 2022/05/03 4:15 a.m.111 views

CVE-2022-20745

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due ...

8.6CVSS7.9AI score0.01159EPSS
CVE
CVE
added 2022/05/03 4:15 a.m.110 views

CVE-2022-20742

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementat...

7.4CVSS7.2AI score0.00132EPSS
CVE
CVE
added 2022/05/03 4:15 a.m.105 views

CVE-2022-20715

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due t...

8.6CVSS8.5AI score0.01456EPSS
CVE
CVE
added 2022/05/03 4:15 a.m.99 views

CVE-2022-20767

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement ...

8.6CVSS7.7AI score0.01349EPSS
CVE
CVE
added 2022/08/10 5:15 p.m.98 views

CVE-2022-20713

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is ...

6.1CVSS6.4AI score0.04442EPSS
CVE
CVE
added 2023/11/01 6:15 p.m.92 views

CVE-2023-20095

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to imp...

8.6CVSS8.3AI score0.00159EPSS
CVE
CVE
added 2022/11/15 9:15 p.m.88 views

CVE-2022-20947

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. Thi...

8.6CVSS7.5AI score0.0012EPSS
CVE
CVE
added 2023/11/01 6:15 p.m.87 views

CVE-2023-20042

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an...

8.6CVSS8.3AI score0.00193EPSS
CVE
CVE
added 2023/11/01 5:15 p.m.83 views

CVE-2023-20086

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 message...

8.6CVSS8.4AI score0.00417EPSS
CVE
CVE
added 2024/10/23 6:15 p.m.71 views

CVE-2024-20412

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded p...

9.3CVSS9AI score0.00047EPSS
CVE
CVE
added 2022/11/15 9:15 p.m.65 views

CVE-2022-20928

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due ...

5.8CVSS5.8AI score0.00031EPSS
CVE
CVE
added 2022/11/15 9:15 p.m.64 views

CVE-2022-20922

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulner...

6.5CVSS6.8AI score0.00026EPSS
CVE
CVE
added 2024/10/23 6:15 p.m.63 views

CVE-2024-20402

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vu...

8.6CVSS8.5AI score0.00312EPSS
CVE
CVE
added 2023/11/01 5:15 p.m.61 views

CVE-2023-20245

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to...

5.8CVSS5.8AI score0.00018EPSS
CVE
CVE
added 2023/11/01 5:15 p.m.61 views

CVE-2023-20270

A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) con...

5.8CVSS5.9AI score0.00022EPSS
CVE
CVE
added 2023/11/01 5:15 p.m.59 views

CVE-2023-20244

A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper hand...

8.6CVSS8.4AI score0.00166EPSS
CVE
CVE
added 2023/11/01 6:15 p.m.58 views

CVE-2023-20247

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid u...

5CVSS4.8AI score0.00026EPSS
CVE
CVE
added 2023/11/01 5:15 p.m.56 views

CVE-2023-20256

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to...

5.8CVSS5.8AI score0.0003EPSS
CVE
CVE
added 2023/11/01 5:15 p.m.54 views

CVE-2023-20177

A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to ...

4CVSS4.7AI score0.00012EPSS
CVE
CVE
added 2024/10/23 6:15 p.m.38 views

CVE-2024-20431

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnera...

5.8CVSS5.8AI score0.00068EPSS
CVE
CVE
added 2024/10/23 6:15 p.m.36 views

CVE-2024-20382

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected...

6.1CVSS6AI score0.00061EPSS