Secure Firewall Management Center Security Vulnerabilities and Issues — Secure Firewall Management Center CVE List

Lucene search

CiscoSecure Firewall Management Center

14 matches found

CVE•added 2017/10/05 7:29 a.m.•63 views

CVE-2017-12244

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is due...

8.6CVSS8.5AI score0.00274EPSS

CVE•added 2017/10/05 7:29 a.m.•62 views

CVE-2017-12245

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak pe...

8.6CVSS8.4AI score0.00662EPSS

CVE•added 2017/09/07 9:29 p.m.•50 views

CVE-2017-12220

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS5.9AI score0.0012EPSS

CVE•added 2017/09/07 9:29 p.m.•48 views

CVE-2017-12221

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient validation of user-supplied i...

5.4CVSS5.3AI score0.00363EPSS

CVE•added 2017/02/03 7:59 a.m.•47 views

CVE-2017-3809

A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base. More Information: CSCvb95281. Known Affected Releases: 6.1.0 6.2.0. Known Fixed Releases: 6.1.0....

5.8CVSS5.6AI score0.00586EPSS

CVE•added 2017/02/22 2:59 a.m.•47 views

CVE-2017-3847

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. More Information: CSCvc72741. Known Affected Releases: 6.2.1.

5.4CVSS5.2AI score0.00187EPSS

CVE•added 2017/04/20 10:59 p.m.•45 views

CVE-2016-6368

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability ...

8.6CVSS8.4AI score0.00379EPSS

CVE•added 2017/11/16 7:29 a.m.•45 views

CVE-2017-12300

A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...

5.8CVSS5.7AI score0.00227EPSS

CVE•added 2017/07/04 12:29 a.m.•45 views

CVE-2017-6716

A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. Affected Products: Cisco Firepower Management Center Software...

5.4CVSS5.1AI score0.00171EPSS

CVE•added 2017/04/07 5:59 p.m.•44 views

CVE-2017-3885

A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. Affected Produc...

7.1CVSS5.8AI score0.00453EPSS

CVE•added 2017/07/04 12:29 a.m.•43 views

CVE-2017-6715

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. Affected Products: Cisco Firepower Management Center Releases 5.4.1.x and prior. More Informati...

5.4CVSS5.2AI score0.00171EPSS

CVE•added 2017/02/03 7:59 a.m.•41 views

CVE-2017-3814

A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. More Information: CSCvb93980. Known Affected Releases: 5.3.0 5.4.0 6.0.0 6.0.1 6.1.0.

5.8CVSS5.6AI score0.00317EPSS

CVE•added 2017/07/04 12:29 a.m.•41 views

CVE-2017-6717

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. More Information: CSCvc38801. Known Affected Releases: 6.0.1.3 6.2.1. Known Fixed Releases: 6.2...

5.4CVSS5.2AI score0.00171EPSS

CVE•added 2017/06/13 6:29 a.m.•40 views

CVE-2017-6673

A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More Information: CSCvc10894. Known Affected Releases: 6.1.0.2 6.2.0. Known Fixed Releases: 6.2.0.

6.5CVSS6.2AI score0.00224EPSS