Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoFirepower Threat Defense7.1.0

45 matches found

CVE
CVEadded 2021/12/10 10:15 a.m.5932 views

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message ...

10CVSS10AI score0.9447EPSS
In wildWeb
CVE
CVEadded 2023/09/06 6:15 p.m.887 views

CVE-2023-20269

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations o...

9.1CVSS8.7AI score0.00383EPSS
In wild
CVE
CVEadded 2024/04/24 7:15 p.m.470 views

CVE-2024-20359

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code...

6CVSS7.3AI score0.00153EPSS
In wild
CVE
CVEadded 2024/04/24 7:15 p.m.424 views

CVE-2024-20353

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. ...

8.6CVSS8.4AI score0.13803EPSS
In wild
CVE
CVEadded 2022/05/03 4:15 a.m.242 views

CVE-2022-20759

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is...

8.8CVSS8.9AI score0.07362EPSS
CVE
CVEadded 2023/12/12 6:15 p.m.188 views

CVE-2023-20275

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper vali...

4.3CVSS4.6AI score0.00078EPSS
CVE
CVEadded 2022/05/03 4:15 a.m.153 views

CVE-2022-20746

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability b...

8.6CVSS7.9AI score0.00912EPSS
CVE
CVEadded 2022/05/03 4:15 a.m.132 views

CVE-2022-20757

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are re...

8.6CVSS7.9AI score0.01227EPSS
CVE
CVEadded 2022/05/03 4:15 a.m.115 views

CVE-2022-20760

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of pr...

8.6CVSS7.8AI score0.02588EPSS
CVE
CVEadded 2022/05/03 4:15 a.m.112 views

CVE-2022-20745

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due ...

8.6CVSS7.9AI score0.01159EPSS
CVE
CVEadded 2022/05/03 4:15 a.m.111 views

CVE-2022-20742

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementat...

7.4CVSS7.2AI score0.00132EPSS
CVE
CVEadded 2022/05/03 4:15 a.m.106 views

CVE-2022-20715

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due t...

8.6CVSS8.5AI score0.01447EPSS
CVE
CVEadded 2022/05/03 4:15 a.m.100 views

CVE-2022-20767

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement ...

8.6CVSS7.7AI score0.01349EPSS
CVE
CVEadded 2022/08/10 5:15 p.m.99 views

CVE-2022-20713

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is ...

6.1CVSS6.4AI score0.01833EPSS
CVE
CVEadded 2023/11/01 6:15 p.m.94 views

CVE-2023-20095

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to imp...

8.6CVSS8.3AI score0.00159EPSS
CVE
CVEadded 2022/11/15 9:15 p.m.90 views

CVE-2022-20947

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. Thi...

8.6CVSS7.5AI score0.00177EPSS
CVE
CVEadded 2023/11/01 6:15 p.m.88 views

CVE-2023-20042

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an...

8.6CVSS8.3AI score0.00193EPSS
CVE
CVEadded 2022/08/10 5:15 p.m.86 views

CVE-2022-20866

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA k...

7.5CVSS7.6AI score0.14408EPSS
CVE
CVEadded 2023/11/01 5:15 p.m.84 views

CVE-2023-20086

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 message...

8.6CVSS8.4AI score0.00417EPSS
CVE
CVEadded 2023/11/01 6:15 p.m.81 views

CVE-2023-20083

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result...

8.6CVSS8.4AI score0.00255EPSS
CVE
CVEadded 2024/10/23 6:15 p.m.72 views

CVE-2024-20412

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded p...

9.3CVSS9AI score0.00051EPSS
CVE
CVEadded 2023/11/01 6:15 p.m.69 views

CVE-2023-20071

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could ...

5.8CVSS5.6AI score0.00024EPSS
CVE
CVEadded 2024/05/22 5:16 p.m.68 views

CVE-2024-20355

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an aff...

5CVSS6.8AI score0.0081EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.67 views

CVE-2025-20182

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of s...

8.6CVSS8.5AI score0.0013EPSS
CVE
CVEadded 2022/11/15 9:15 p.m.66 views

CVE-2022-20922

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulner...

6.5CVSS6.8AI score0.00033EPSS
CVE
CVEadded 2022/11/15 9:15 p.m.66 views

CVE-2022-20928

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due ...

5.8CVSS5.8AI score0.00046EPSS
CVE
CVEadded 2023/11/01 6:15 p.m.65 views

CVE-2023-20063

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root per...

8.2CVSS8.4AI score0.00026EPSS
CVE
CVEadded 2023/11/01 5:15 p.m.64 views

CVE-2023-20270

A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) con...

5.8CVSS5.9AI score0.00014EPSS
CVE
CVEadded 2024/10/23 6:15 p.m.64 views

CVE-2024-20402

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vu...

8.6CVSS8.5AI score0.00329EPSS
CVE
CVEadded 2023/11/01 5:15 p.m.63 views

CVE-2023-20245

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to...

5.8CVSS5.8AI score0.00018EPSS
CVE
CVEadded 2023/11/01 5:15 p.m.62 views

CVE-2023-20244

A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper hand...

8.6CVSS8.4AI score0.00166EPSS
CVE
CVEadded 2023/11/01 6:15 p.m.60 views

CVE-2023-20247

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid u...

5CVSS4.8AI score0.00026EPSS
CVE
CVEadded 2024/10/23 6:15 p.m.59 views

CVE-2024-20495

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an a...

8.6CVSS8.5AI score0.00111EPSS
CVE
CVEadded 2023/11/01 5:15 p.m.57 views

CVE-2023-20256

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to...

5.8CVSS5.8AI score0.0003EPSS
CVE
CVEadded 2024/05/22 5:16 p.m.57 views

CVE-2024-20261

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a l...

5.8CVSS6.9AI score0.00192EPSS
CVE
CVEadded 2023/11/01 5:15 p.m.56 views

CVE-2023-20177

A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to ...

4CVSS4.7AI score0.00012EPSS
CVE
CVEadded 2024/10/23 5:15 p.m.52 views

CVE-2024-20268

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device. This vulnerability is due to insu...

7.7CVSS7.4AI score0.00374EPSS
CVE
CVEadded 2024/10/23 5:15 p.m.45 views

CVE-2024-20297

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow t...

5.8CVSS5.8AI score0.00079EPSS
CVE
CVEadded 2024/10/23 5:15 p.m.44 views

CVE-2024-20299

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow t...

5.8CVSS5.8AI score0.00079EPSS
CVE
CVEadded 2024/10/23 6:15 p.m.39 views

CVE-2024-20431

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnera...

5.8CVSS5.8AI score0.00072EPSS
CVE
CVEadded 2024/10/23 6:15 p.m.37 views

CVE-2024-20382

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected...

6.1CVSS6AI score0.00064EPSS
CVE
CVEadded 2024/10/23 6:15 p.m.37 views

CVE-2024-20407

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are no...

5.8CVSS5.7AI score0.00117EPSS
CVE
CVEadded 2024/10/23 6:15 p.m.37 views

CVE-2024-20408

A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an atta...

7.7CVSS7.4AI score0.00085EPSS
CVE
CVEadded 2024/10/23 6:15 p.m.34 views

CVE-2024-20384

A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied t...

5.8CVSS5.8AI score0.00106EPSS
CVE
CVEadded 2024/10/23 5:15 p.m.33 views

CVE-2024-20330

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart une...

8.6CVSS8.6AI score0.00111EPSS