Secure Firewall Management Center Security Vulnerabilities and Issues — Secure Firewall Management Center CVE List

Lucene search

CiscoSecure Firewall Management Center

21 matches found

CVE•added 2020/10/21 7:15 p.m.•86 views

CVE-2020-3558

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attack...

6.1CVSS5.4AI score0.00249EPSS

CVE•added 2020/09/23 1:15 a.m.•73 views

CVE-2019-15992

A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operatin...

9CVSS7.2AI score0.05769EPSS

CVE•added 2020/05/06 5:15 p.m.•73 views

CVE-2020-3315

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP respons...

5.8CVSS5.5AI score0.00215EPSS

CVE•added 2020/10/08 5:15 a.m.•73 views

CVE-2020-3320

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficien...

5.4CVSS5.2AI score0.00192EPSS

CVE•added 2020/09/23 1:15 a.m.•62 views

CVE-2019-16028

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling...

10CVSS10AI score0.03423EPSS

CVE•added 2020/10/21 7:15 p.m.•58 views

CVE-2020-3410

A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The vulne...

8.1CVSS8.2AI score0.00637EPSS

CVE•added 2020/10/21 7:15 p.m.•56 views

CVE-2020-3514

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials ...

8.2CVSS7.4AI score0.00031EPSS

CVE•added 2020/10/21 7:15 p.m.•55 views

CVE-2020-3557

A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper certificate validation. An attacker could exploit...

5.3CVSS5.4AI score0.00194EPSS

CVE•added 2020/10/21 7:15 p.m.•51 views

CVE-2020-3499

A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected system. An attacker could...

8.6CVSS8.4AI score0.01858EPSS

CVE•added 2020/10/21 7:15 p.m.•51 views

CVE-2020-3515

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation...

6.1CVSS5.6AI score0.00159EPSS

CVE•added 2020/10/21 7:15 p.m.•49 views

CVE-2020-3550

A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insu...

8.1CVSS8.1AI score0.00341EPSS

CVE•added 2020/05/06 5:15 p.m.•48 views

CVE-2020-3311

A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulne...

6.1CVSS5.3AI score0.00263EPSS

CVE•added 2020/10/21 7:15 p.m.•46 views

CVE-2020-3549

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation p...

8.1CVSS7.9AI score0.00529EPSS

CVE•added 2020/05/06 5:15 p.m.•45 views

CVE-2020-3312

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device. The vulnerability is due to insufficient application identification. An ...

7.5CVSS6.5AI score0.0055EPSS

CVE•added 2020/05/06 5:15 p.m.•43 views

CVE-2020-3302

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by upl...

8.5CVSS7.2AI score0.00527EPSS

CVE•added 2020/05/06 5:15 p.m.•43 views

CVE-2020-3307

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability...

5.3CVSS5.3AI score0.00164EPSS

CVE•added 2020/05/06 5:15 p.m.•43 views

CVE-2020-3318

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of ...

9.8CVSS8.9AI score0.00408EPSS

CVE•added 2020/05/06 5:15 p.m.•42 views

CVE-2020-3308

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verificat...

4.9CVSS5.1AI score0.0008EPSS

CVE•added 2020/05/06 5:15 p.m.•41 views

CVE-2020-3313

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software. The vulnerability is due to insufficient validat...

6.5CVSS5.9AI score0.00133EPSS

CVE•added 2020/05/06 5:15 p.m.•40 views

CVE-2020-3301

8.1CVSS6.3AI score0.00199EPSS

CVE•added 2020/10/21 7:15 p.m.•37 views

CVE-2020-3553

6.1CVSS5.6AI score0.0014EPSS