Secure Firewall Management Center@6.6.0 Security Vulnerabilities and Issues — Secure Firewall Management Center@6.6.0 CVE List

Lucene search

CiscoSecure Firewall Management Center6.6.0

47 matches found

CVE•added 2023/11/01 6:15 p.m.•114 views

CVE-2023-20048

A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability i...

9.9CVSS9.4AI score0.02029EPSS

Web

CVE•added 2022/11/15 9:15 p.m.•73 views

CVE-2022-20938

A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view sensitive information. This vulnerability is due to insufficient validation of the XML syntax when importing a modu...

4.3CVSS4.5AI score0.0005EPSS

CVE•added 2023/11/01 6:15 p.m.•72 views

CVE-2023-20219

Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does not require administ...

8.8CVSS8.9AI score0.00448EPSS

CVE•added 2022/11/15 9:15 p.m.•71 views

CVE-2022-20832

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due...

4.8CVSS5AI score0.00048EPSS

CVE•added 2023/11/01 5:15 p.m.•71 views

CVE-2023-20155

A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Admin...

7.5CVSS6.5AI score0.00386EPSS

CVE•added 2023/11/01 6:15 p.m.•65 views

CVE-2023-20063

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root per...

8.2CVSS8.4AI score0.00026EPSS

CVE•added 2022/11/15 9:15 p.m.•64 views

CVE-2022-20935

4.8CVSS5AI score0.00044EPSS

CVE•added 2022/11/15 9:15 p.m.•63 views

CVE-2022-20833

4.8CVSS5AI score0.00048EPSS

CVE•added 2022/11/15 9:15 p.m.•63 views

CVE-2022-20843

4.8CVSS5AI score0.00048EPSS

CVE•added 2022/11/15 9:15 p.m.•62 views

CVE-2022-20854

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper...

7.5CVSS7.5AI score0.00151EPSS

CVE•added 2022/11/15 9:15 p.m.•61 views

CVE-2022-20831

4.8CVSS5AI score0.00054EPSS

CVE•added 2022/11/15 9:15 p.m.•61 views

CVE-2022-20836

4.8CVSS5AI score0.00048EPSS

CVE•added 2022/11/15 9:15 p.m.•61 views

CVE-2022-20838

4.8CVSS5AI score0.00048EPSS

CVE•added 2022/11/15 9:15 p.m.•61 views

CVE-2022-20905

4.8CVSS5AI score0.00044EPSS

CVE•added 2022/11/15 9:15 p.m.•60 views

CVE-2022-20834

4.8CVSS5AI score0.00048EPSS

CVE•added 2020/10/21 7:15 p.m.•59 views

CVE-2020-3410

A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The vulne...

8.1CVSS8.2AI score0.00637EPSS

CVE•added 2022/11/15 9:15 p.m.•59 views

CVE-2022-20936

4.8CVSS5AI score0.00044EPSS

CVE•added 2022/11/15 9:15 p.m.•58 views

CVE-2022-20839

4.8CVSS5AI score0.00048EPSS

CVE•added 2022/11/15 9:15 p.m.•58 views

CVE-2022-20840

4.8CVSS5AI score0.00048EPSS

CVE•added 2022/11/15 9:15 p.m.•58 views

CVE-2022-20941

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based management interface t...

5.3CVSS5.2AI score0.00172EPSS

CVE•added 2023/11/01 6:15 p.m.•58 views

CVE-2023-20220

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. To exploit these vulnerabilities, the attacker must have valid device cr...

8.8CVSS8.9AI score0.00366EPSS

CVE•added 2023/11/01 5:15 p.m.•56 views

CVE-2023-20114

A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system. This vulnerability is due to a lack of input sanitation. An attacker could exploit this vulnerability b...

6.5CVSS6.4AI score0.00164EPSS

CVE•added 2022/11/15 9:15 p.m.•55 views

CVE-2022-20932

4.8CVSS5AI score0.00044EPSS

CVE•added 2022/11/15 9:15 p.m.•53 views

CVE-2022-20872

4.8CVSS5AI score0.00048EPSS

CVE•added 2023/11/01 5:15 p.m.•53 views

CVE-2023-20005

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are d...

6.1CVSS5.9AI score0.00059EPSS

CVE•added 2022/11/15 9:15 p.m.•49 views

CVE-2022-20835

4.8CVSS5AI score0.00048EPSS

CVE•added 2023/11/01 5:15 p.m.•47 views

CVE-2023-20074

6.1CVSS5.9AI score0.00059EPSS

CVE•added 2024/10/23 6:15 p.m.•44 views

CVE-2024-20424

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability ...

9.9CVSS9.7AI score0.00282EPSS

CVE•added 2023/11/01 5:15 p.m.•40 views

CVE-2023-20206

6.1CVSS5.9AI score0.00088EPSS

CVE•added 2024/10/23 6:15 p.m.•40 views

CVE-2024-20410

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient v...

6.1CVSS5.3AI score0.00065EPSS

CVE•added 2024/10/23 6:15 p.m.•39 views

CVE-2024-20387

A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due to improper input sanitization in the web-based management interface of Cisco FMC Software. An attac...

5.4CVSS5.2AI score0.00078EPSS

CVE•added 2024/10/23 6:15 p.m.•39 views

CVE-2024-20388

A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication of password update responses. An attacker coul...

5.3CVSS5.6AI score0.00112EPSS

CVE•added 2024/10/23 6:15 p.m.•39 views

CVE-2024-20471

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not validat...

6.5CVSS6.8AI score0.00091EPSS

CVE•added 2024/10/23 5:15 p.m.•38 views

CVE-2024-20274

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due ...

5.5CVSS5.5AI score0.00071EPSS

CVE•added 2024/10/23 6:15 p.m.•38 views

CVE-2024-20403

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient val...

5.4CVSS5AI score0.00062EPSS

CVE•added 2024/10/23 6:15 p.m.•38 views

CVE-2024-20409

6.1CVSS5AI score0.00061EPSS

CVE•added 2024/10/23 5:15 p.m.•37 views

CVE-2024-20273

6.1CVSS6AI score0.00083EPSS

CVE•added 2024/10/23 5:15 p.m.•37 views

CVE-2024-20300

5.4CVSS5AI score0.00072EPSS

CVE•added 2024/10/23 6:15 p.m.•37 views

CVE-2024-20415

6.1CVSS5AI score0.00059EPSS

CVE•added 2024/10/23 6:15 p.m.•36 views

CVE-2024-20372

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insuffi...

6.1CVSS5.9AI score0.00064EPSS

CVE•added 2024/10/23 6:15 p.m.•36 views

CVE-2024-20386

6.1CVSS5AI score0.00059EPSS

CVE•added 2024/10/23 5:15 p.m.•34 views

CVE-2024-20269

5.4CVSS5AI score0.00072EPSS

CVE•added 2025/08/14 5:15 p.m.•8 views

CVE-2025-20302

A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this vulnerab...

4.3CVSS7AI score0.00041EPSS

CVE•added 2025/08/14 5:15 p.m.•8 views

CVE-2025-20306

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficie...

4.9CVSS7.9AI score0.00027EPSS

CVE•added 2025/08/14 5:15 p.m.•7 views

CVE-2025-20218

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to retrieve sensitive information from an affected device. This vulnerability is due to insufficient input validation. An attacker could expl...

4.9CVSS6.7AI score0.00053EPSS

CVE•added 2025/08/14 5:15 p.m.•7 views

CVE-2025-20235

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of use...

6.1CVSS6.3AI score0.00024EPSS

CVE•added 2025/08/14 5:15 p.m.•7 views

CVE-2025-20301

A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to access troubleshoot files for a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this vulnerabili...

6.5CVSS6.7AI score0.00047EPSS