Secure Firewall Management Center Security Vulnerabilities and Issues — Secure Firewall Management Center CVE List

Lucene search

CiscoSecure Firewall Management Center

33 matches found

CVE•added 2019/07/06 2:15 a.m.•405 views

CVE-2019-1931

Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. T...

6.1CVSS6AI score0.00171EPSS

CVE•added 2019/07/06 2:15 a.m.•399 views

CVE-2019-1930

6.1CVSS6AI score0.00171EPSS

CVE•added 2019/11/05 8:15 p.m.•77 views

CVE-2019-1981

A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insuf...

5.8CVSS5.7AI score0.00405EPSS

CVE•added 2019/11/05 8:15 p.m.•71 views

CVE-2019-1978

A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to impro...

5.8CVSS5.6AI score0.2366EPSS

CVE•added 2019/01/23 11:29 p.m.•63 views

CVE-2019-1642

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability i...

6.1CVSS5.9AI score0.01103EPSS

CVE•added 2019/11/05 8:15 p.m.•61 views

CVE-2019-1982

A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to ...

5.8CVSS5.3AI score0.00289EPSS

CVE•added 2019/10/02 7:15 p.m.•55 views

CVE-2019-12700

A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) conditi...

7.7CVSS6.4AI score0.01422EPSS

CVE•added 2019/10/02 7:15 p.m.•52 views

CVE-2019-12689

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. The vulnerability is due to insufficient input validation. An a...

9CVSS8.4AI score0.01727EPSS

CVE•added 2019/04/18 1:29 a.m.•52 views

CVE-2019-1802

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insuf...

4.8CVSS4.9AI score0.00176EPSS

CVE•added 2019/01/10 7:29 p.m.•51 views

CVE-2018-15458

A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occ...

7.5CVSS6.2AI score0.04647EPSS

CVE•added 2019/10/02 7:15 p.m.•51 views

CVE-2019-12683

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

9CVSS9.2AI score0.00945EPSS

CVE•added 2019/10/02 7:15 p.m.•50 views

CVE-2019-12701

A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected software insufficien...

5.8CVSS5.6AI score0.00088EPSS

CVE•added 2019/10/02 7:15 p.m.•48 views

CVE-2019-12679

9CVSS9.2AI score0.00945EPSS

CVE•added 2019/10/02 7:15 p.m.•47 views

CVE-2019-12682

9CVSS9.2AI score0.00945EPSS

CVE•added 2019/05/03 3:29 p.m.•47 views

CVE-2019-1696

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilit...

7.5CVSS7.6AI score0.00721EPSS

CVE•added 2019/10/16 7:15 p.m.•46 views

CVE-2019-15280

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficien...

4.8CVSS4.8AI score0.0026EPSS

CVE•added 2019/10/02 7:15 p.m.•45 views

CVE-2019-12686

9CVSS9.2AI score0.00945EPSS

CVE•added 2019/10/02 7:15 p.m.•44 views

CVE-2019-12680

9CVSS9.2AI score0.00945EPSS

CVE•added 2019/10/02 7:15 p.m.•44 views

CVE-2019-12691

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient input validation by the web-based managemen...

4.9CVSS4.8AI score0.00056EPSS

CVE•added 2019/08/08 8:15 a.m.•43 views

CVE-2019-1949

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficien...

4.8CVSS4.9AI score0.0017EPSS

CVE•added 2019/10/02 7:15 p.m.•42 views

CVE-2019-12690

A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. The vulnerability is due to insufficient validation of u...

9CVSS7.3AI score0.01009EPSS

CVE•added 2019/02/07 10:29 p.m.•42 views

CVE-2019-1671

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to ins...

6.1CVSS5.9AI score0.00124EPSS

CVE•added 2019/05/03 4:29 p.m.•42 views

CVE-2019-1699

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into argument...

7.8CVSS7.1AI score0.00137EPSS

CVE•added 2019/11/05 8:15 p.m.•42 views

CVE-2019-1980

A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to impr...

5.8CVSS5.4AI score0.00289EPSS

CVE•added 2019/10/02 7:15 p.m.•41 views

CVE-2019-12681

9CVSS9.2AI score0.00945EPSS

CVE•added 2019/10/02 7:15 p.m.•40 views

CVE-2019-12688

A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted ...

9CVSS9AI score0.01186EPSS

CVE•added 2019/05/16 2:29 a.m.•40 views

CVE-2019-1832

A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sen...

7.5CVSS6.5AI score0.00118EPSS

CVE•added 2019/08/08 8:15 a.m.•40 views

CVE-2019-1970

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to erro...

7.5CVSS6.2AI score0.00088EPSS

CVE•added 2019/10/02 7:15 p.m.•39 views

CVE-2019-12685

9CVSS9.2AI score0.00945EPSS

CVE•added 2019/05/16 2:29 a.m.•39 views

CVE-2019-1833

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a T...

5.8CVSS5.6AI score0.00215EPSS

CVE•added 2019/10/02 7:15 p.m.•38 views

CVE-2019-12687

9CVSS9AI score0.01186EPSS

CVE•added 2019/10/02 7:15 p.m.•37 views

CVE-2019-12684

9CVSS9.2AI score0.00945EPSS

CVE•added 2019/05/03 4:29 p.m.•35 views

CVE-2019-1709

7.8CVSS6.8AI score0.00076EPSS