Secure Firewall Management Center@6.1.0 Security Vulnerabilities and Issues — Secure Firewall Management Center@6.1.0 CVE List

Lucene search

CiscoSecure Firewall Management Center6.1.0

37 matches found

CVE•added 2022/11/15 9:15 p.m.•71 views

CVE-2022-20938

A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view sensitive information. This vulnerability is due to insufficient validation of the XML syntax when importing a modu...

4.3CVSS4.5AI score0.00038EPSS

CVE•added 2022/11/15 9:15 p.m.•70 views

CVE-2022-20832

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due...

4.8CVSS5AI score0.00038EPSS

CVE•added 2018/05/02 10:29 p.m.•66 views

CVE-2018-0278

A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote attacker to access sensitive data about the system. The vulnerability is due to improper cross-origin domain protections for the WebSocket protocol. An attacker could exploit this vul...

6.5CVSS6.4AI score0.00828EPSS

CVE•added 2017/10/05 7:29 a.m.•63 views

CVE-2017-12244

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is due...

8.6CVSS8.5AI score0.00274EPSS

CVE•added 2022/11/15 9:15 p.m.•62 views

CVE-2022-20833

4.8CVSS5AI score0.00038EPSS

CVE•added 2022/11/15 9:15 p.m.•62 views

CVE-2022-20843

4.8CVSS5AI score0.00038EPSS

CVE•added 2022/11/15 9:15 p.m.•62 views

CVE-2022-20935

4.8CVSS5AI score0.00035EPSS

CVE•added 2017/10/05 7:29 a.m.•61 views

CVE-2017-12245

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak pe...

8.6CVSS8.4AI score0.00662EPSS

CVE•added 2022/11/15 9:15 p.m.•60 views

CVE-2022-20831

4.8CVSS5AI score0.00043EPSS

CVE•added 2022/11/15 9:15 p.m.•60 views

CVE-2022-20836

4.8CVSS5AI score0.00038EPSS

CVE•added 2022/11/15 9:15 p.m.•60 views

CVE-2022-20838

4.8CVSS5AI score0.00038EPSS

CVE•added 2022/11/15 9:15 p.m.•60 views

CVE-2022-20905

4.8CVSS5AI score0.00035EPSS

CVE•added 2018/05/02 10:29 p.m.•59 views

CVE-2018-0283

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. The vulnerability is due to the incorrect ha...

5.8CVSS5.8AI score0.00433EPSS

CVE•added 2022/11/15 9:15 p.m.•59 views

CVE-2022-20834

4.8CVSS5AI score0.00038EPSS

CVE•added 2018/07/16 5:29 p.m.•58 views

CVE-2018-0385

A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due...

7.5CVSS7.6AI score0.00579EPSS

CVE•added 2022/11/15 9:15 p.m.•58 views

CVE-2022-20936

4.8CVSS5AI score0.00035EPSS

CVE•added 2022/11/15 9:15 p.m.•57 views

CVE-2022-20839

4.8CVSS5AI score0.00038EPSS

CVE•added 2022/11/15 9:15 p.m.•57 views

CVE-2022-20840

4.8CVSS5AI score0.00038EPSS

CVE•added 2022/11/15 9:15 p.m.•57 views

CVE-2022-20941

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based management interface t...

5.3CVSS5.2AI score0.00116EPSS

CVE•added 2022/11/15 9:15 p.m.•54 views

CVE-2022-20932

4.8CVSS5AI score0.00035EPSS

CVE•added 2018/04/19 8:29 p.m.•53 views

CVE-2018-0233

A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a de...

8.6CVSS8.3AI score0.00484EPSS

CVE•added 2018/06/21 11:29 a.m.•53 views

CVE-2018-0365

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protect...

8.8CVSS8.8AI score0.00202EPSS

CVE•added 2016/12/14 12:59 a.m.•52 views

CVE-2016-9193

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management ...

7.5CVSS7.5AI score0.00383EPSS

CVE•added 2022/11/15 9:15 p.m.•52 views

CVE-2022-20872

4.8CVSS5AI score0.00038EPSS

CVE•added 2019/10/02 7:15 p.m.•51 views

CVE-2019-12683

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

9CVSS9.2AI score0.00945EPSS

CVE•added 2018/07/16 5:29 p.m.•48 views

CVE-2018-0384

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly handl...

5.8CVSS5.7AI score0.00463EPSS

CVE•added 2022/11/15 9:15 p.m.•48 views

CVE-2022-20835

4.8CVSS5AI score0.00038EPSS

CVE•added 2017/02/03 7:59 a.m.•47 views

CVE-2017-3809

A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base. More Information: CSCvb95281. Known Affected Releases: 6.1.0 6.2.0. Known Fixed Releases: 6.1.0....

5.8CVSS5.6AI score0.00586EPSS

CVE•added 2017/04/07 5:59 p.m.•44 views

CVE-2017-3885

A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. Affected Produc...

7.1CVSS5.8AI score0.00453EPSS

CVE•added 2019/08/08 8:15 a.m.•43 views

CVE-2019-1949

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficien...

4.8CVSS4.9AI score0.0017EPSS

CVE•added 2020/05/06 5:15 p.m.•43 views

CVE-2020-3318

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of ...

9.8CVSS8.9AI score0.00408EPSS

CVE•added 2019/02/07 10:29 p.m.•42 views

CVE-2019-1671

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to ins...

6.1CVSS5.9AI score0.00124EPSS

CVE•added 2017/02/03 7:59 a.m.•41 views

CVE-2017-3814

A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. More Information: CSCvb93980. Known Affected Releases: 5.3.0 5.4.0 6.0.0 6.0.1 6.1.0.

5.8CVSS5.6AI score0.00317EPSS

CVE•added 2017/07/04 12:29 a.m.•41 views

CVE-2017-6717

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. More Information: CSCvc38801. Known Affected Releases: 6.0.1.3 6.2.1. Known Fixed Releases: 6.2...

5.4CVSS5.2AI score0.00171EPSS

CVE•added 2018/05/02 10:29 p.m.•41 views

CVE-2018-0281

5.8CVSS5.8AI score0.00433EPSS

CVE•added 2020/05/06 5:15 p.m.•40 views

CVE-2020-3301

8.1CVSS6.3AI score0.00199EPSS

CVE•added 2019/05/16 2:29 a.m.•39 views

CVE-2019-1833

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a T...

5.8CVSS5.6AI score0.00215EPSS