Secure Firewall Management Center Security Vulnerabilities and Issues — Secure Firewall Management Center CVE List

Lucene search

CiscoSecure Firewall Management Center

20 matches found

CVE•added 2021/08/18 8:15 p.m.•84 views

CVE-2021-34749

A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data ...

8.6CVSS7AI score0.0044EPSS

CVE•added 2023/11/01 6:15 p.m.•71 views

CVE-2023-20219

Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does not require administ...

8.8CVSS8.9AI score0.00448EPSS

CVE•added 2023/11/01 6:15 p.m.•64 views

CVE-2023-20063

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root per...

8.2CVSS8.4AI score0.00026EPSS

CVE•added 2017/10/05 7:29 a.m.•63 views

CVE-2017-12244

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is due...

8.6CVSS8.5AI score0.00274EPSS

CVE•added 2017/10/05 7:29 a.m.•61 views

CVE-2017-12245

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak pe...

8.6CVSS8.4AI score0.00662EPSS

CVE•added 2020/10/21 7:15 p.m.•58 views

CVE-2020-3410

A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The vulne...

8.1CVSS8.2AI score0.00637EPSS

CVE•added 2023/11/01 6:15 p.m.•57 views

CVE-2023-20220

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. To exploit these vulnerabilities, the attacker must have valid device cr...

8.8CVSS8.9AI score0.00366EPSS

CVE•added 2020/10/21 7:15 p.m.•56 views

CVE-2020-3514

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials ...

8.2CVSS7.4AI score0.00031EPSS

CVE•added 2024/05/22 6:15 p.m.•54 views

CVE-2024-20360

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately va...

8.8CVSS8.2AI score0.01719EPSS

CVE•added 2018/04/19 8:29 p.m.•53 views

CVE-2018-0233

A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a de...

8.6CVSS8.3AI score0.00484EPSS

CVE•added 2018/06/21 11:29 a.m.•53 views

CVE-2018-0365

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protect...

8.8CVSS8.8AI score0.00202EPSS

CVE•added 2021/10/27 7:15 p.m.•52 views

CVE-2021-40116

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset action...

8.6CVSS7.7AI score0.00784EPSS

CVE•added 2022/11/15 9:15 p.m.•52 views

CVE-2022-20926

A vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to insufficient validation of user-supplied parameters for...

8.8CVSS8.9AI score0.00103EPSS

CVE•added 2020/10/21 7:15 p.m.•51 views

CVE-2020-3499

A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected system. An attacker could...

8.6CVSS8.4AI score0.01858EPSS

CVE•added 2020/10/21 7:15 p.m.•49 views

CVE-2020-3550

A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insu...

8.1CVSS8.1AI score0.00341EPSS

CVE•added 2018/07/16 5:29 p.m.•46 views

CVE-2018-0383

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly hand...

8.6CVSS8.5AI score0.00463EPSS

CVE•added 2020/10/21 7:15 p.m.•46 views

CVE-2020-3549

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation p...

8.1CVSS7.9AI score0.00529EPSS

CVE•added 2017/04/20 10:59 p.m.•45 views

CVE-2016-6368

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability ...

8.6CVSS8.4AI score0.00379EPSS

CVE•added 2020/05/06 5:15 p.m.•43 views

CVE-2020-3302

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by upl...

8.5CVSS7.2AI score0.00527EPSS

CVE•added 2020/05/06 5:15 p.m.•40 views

CVE-2020-3301

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of ...

8.1CVSS6.3AI score0.00199EPSS