Secure Firewall Management Center Security Vulnerabilities and Issues — Secure Firewall Management Center CVE List

Lucene search

CiscoSecure Firewall Management Center

12 matches found

CVE•added 2016/10/06 10:59 a.m.•61 views

CVE-2016-6433

The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.

9CVSS8.6AI score0.72601EPSS

CVE•added 2016/10/06 10:59 a.m.•54 views

CVE-2016-6434

Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.

7.8CVSS7AI score0.00385EPSS

CVE•added 2016/10/27 9:59 p.m.•52 views

CVE-2016-6439

A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper han...

7.5CVSS7.6AI score0.0022EPSS

CVE•added 2016/12/14 12:59 a.m.•52 views

CVE-2016-9193

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management ...

7.5CVSS7.5AI score0.00383EPSS

CVE•added 2016/10/06 10:59 a.m.•49 views

CVE-2016-6435

The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.

6.5CVSS6AI score0.55026EPSS

CVE•added 2016/02/26 5:59 a.m.•46 views

CVE-2016-1342

The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654.

5.3CVSS5.1AI score0.0023EPSS

CVE•added 2016/10/05 10:59 a.m.•46 views

CVE-2016-6419

SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.

7.5CVSS7.7AI score0.00542EPSS

CVE•added 2016/06/18 1:59 a.m.•43 views

CVE-2016-1431

Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516.

6.1CVSS6AI score0.0025EPSS

CVE•added 2016/08/18 7:59 p.m.•41 views

CVE-2016-1458

The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4...

9CVSS8.3AI score0.00195EPSS

CVE•added 2016/05/28 1:59 a.m.•39 views

CVE-2016-1413

The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517.

6.5CVSS6.2AI score0.00181EPSS

CVE•added 2016/08/18 7:59 p.m.•38 views

CVE-2016-1457

The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 allows remote authenticated users to execute ...

9CVSS8.8AI score0.0026EPSS

CVE•added 2016/08/23 2:11 a.m.•37 views

CVE-2016-6365

Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518.

6.1CVSS6AI score0.00229EPSS