Lucene search
K
CiscoSourcefire Defense Center

8 matches found

CVE
CVE
added 2020/10/08 4:20 a.m.84 views

CVE-2020-3320

CVE-2020-3320 affects Cisco Firepower Management Center (web-based management interface). Root cause: insufficient validation of user-supplied input in the FMC web UI, enabling a cross-site scripting (XSS) attack. Exploitation requires an authenticated user to input crafted data and then persuade...

5.4CVSS5.2AI score0.00633EPSS
CVE
CVE
added 2021/10/27 6:55 p.m.78 views

CVE-2021-34781

The CVE-2021-34781 issue affects Cisco Firepower Threat Defense (FTD) Software in multi-Instance deployments, where improper error handling during SSH session establishment allows an unauthenticated, remote attacker to trigger resource exhaustion and a DoS condition. Exploitation involves sending...

8.6CVSS7.9AI score0.01346EPSS
CVE
CVE
added 2021/10/27 6:55 p.m.76 views

CVE-2021-34755

Cisco Firepower Threat Defense (FTD) Software CLI contains multiple command injection vulnerabilities. An authenticated, local attacker could exploit insufficient validation of user-supplied command arguments to execute arbitrary commands with root privileges on the underlying OS, including when ...

7.8CVSS7.4AI score0.00262EPSS
CVE
CVE
added 2021/10/27 6:55 p.m.61 views

CVE-2021-34762

Cisco Firepower Management Center (FMC) Software is affected by CVE-2021-34762, a directory-traversal vulnerability in the web-based management interface caused by insufficient input validation of HTTPS URLs. An authenticated, remote attacker with valid credentials can send crafted HTTPS requests...

8.1CVSS7.9AI score0.01908EPSS
CVE
CVE
added 2021/10/27 6:55 p.m.61 views

CVE-2021-34764

CVE-2021-34764 affects Cisco Firepower Management Center (FMC) web-based management interface, with multiple vulnerabilities enabling cross-site scripting (XSS) and open redirect attacks. The root cause is improper input validation of HTTP request parameters in the FMC web interface. Cisco’s advi...

6.1CVSS5.6AI score0.00592EPSS
CVE
CVE
added 2021/10/27 6:55 p.m.56 views

CVE-2021-34763

Cisco Firepower Management Center (FMC) Web UI vulnerabilities CVE-2021-34763: two issues—an authenticated attacker can lure a user to click a crafted link to execute arbitrary script code (XSS) and an unauthenticated attacker can exploit improper input validation to trigger an open redirect. The...

4.8CVSS5.2AI score0.00461EPSS
CVE
CVE
added 2021/10/27 6:55 p.m.55 views

CVE-2021-34756

Cisco Firepower Threat Defense (FTD) Software contains CLI command injection vulnerabilities that allow an authenticated, local attacker to execute arbitrary commands with root privileges due to insufficient validation of user-provided command arguments. Affected component is the FTD CLI; impact ...

7.8CVSS7.4AI score0.00262EPSS
CVE
CVE
added 2021/10/27 6:55 p.m.51 views

CVE-2021-34761

CVE-2021-34761 affects Cisco Firepower Threat Defense (FTD) Software. The issue stems from incomplete validation of user input for a specific CLI command, enabling an authenticated local attacker (with administrative credentials) to overwrite or append arbitrary data to system files with root-lev...

6.6CVSS5.4AI score0.00207EPSS