Secure Firewall Management Center Security Vulnerabilities and Issues — Secure Firewall Management Center CVE List

Lucene search

CiscoSecure Firewall Management Center

7 matches found

CVE•added 2021/01/13 10:15 p.m.•85 views

CVE-2021-1224

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP pay...

5.8CVSS5.7AI score0.00486EPSS

CVE•added 2021/01/13 10:15 p.m.•79 views

CVE-2021-1236

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit th...

5.3CVSS5AI score0.00385EPSS

CVE•added 2021/01/13 10:15 p.m.•77 views

CVE-2021-1223

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerabilit...

7.5CVSS6.5AI score0.00561EPSS

CVE•added 2021/01/13 10:15 p.m.•75 views

CVE-2021-1239

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerabilities exist because the ...

4.8CVSS5AI score0.00197EPSS

CVE•added 2021/01/13 10:15 p.m.•59 views

CVE-2021-1238

4.8CVSS5AI score0.00197EPSS

CVE•added 2021/01/13 10:15 p.m.•57 views

CVE-2021-1267

A vulnerability in the dashboard widget of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper restrictions on XML entities. An attacker could exploit ...

4.3CVSS4.7AI score0.00416EPSS

CVE•added 2021/01/13 10:15 p.m.•52 views

CVE-2021-1126

A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center (FMC) could allow an authenticated, local attacker to view credentials for a configured proxy server. The vulnerability is due to clear-text storage and weak permissions of related configuration files. A...

5.5CVSS5.2AI score0.00039EPSS