Firepower_extensible_operating_system - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Firepower_extensible_operating_system
(Cisco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	55

Date	Id	Summary	Products	Score	Patch	Annotated
2017-04-07	CVE-2017-6597	A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61394 CSCvb86816. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1658) 2.0(1.115).	Firepower_extensible_operating_system, Unified_computing_system	7.8
2015-11-24	CVE-2015-6380	An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via crafted parameters, aka Bug ID CSCux10622.	Firepower_extensible_operating_system	N/A
2015-11-19	CVE-2015-6374	The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604.	Firepower_extensible_operating_system	N/A
2015-11-18	CVE-2015-6373	Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611.	Firepower_extensible_operating_system	N/A
2015-11-18	CVE-2015-6372	Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614.	Firepower_extensible_operating_system	N/A
2015-11-19	CVE-2015-6371	Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files via crafted parameters to unspecified scripts, aka Bug ID CSCux10621.	Firepower_extensible_operating_system	N/A
2015-11-19	CVE-2015-6370	The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows local users to execute arbitrary OS commands as root via crafted CLI input, aka Bug ID CSCux10578.	Firepower_extensible_operating_system	N/A
2015-11-19	CVE-2015-6369	The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531.	Firepower_extensible_operating_system	N/A
2015-11-19	CVE-2015-6368	Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608.	Firepower_extensible_operating_system	N/A
2015-07-28	CVE-2015-4287	Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 9000 devices allows remote attackers to bypass intended access restrictions and obtain sensitive device information by visiting an unspecified web page, aka Bug ID CSCuu82230.	Firepower_extensible_operating_system	N/A