Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Firepower_management_center
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 155 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-01-10 | CVE-2018-15458 | A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because the configuration of the Shell Access Filter, when used with a specific type of remote authentication, can cause a system file to have unbounded writes. An attacker could exploit this... | Firepower_management_center | 7.5 | ||
| 2018-07-16 | CVE-2018-0384 | A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly handles TCP packets that are received out of order when a TCP SYN retransmission is issued. An attacker could exploit this vulnerability by sending a maliciously crafted connection through an affected... | Firepower_management_center | 5.8 | ||
| 2018-07-16 | CVE-2018-0383 | A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly handles FTP control connections. An attacker could exploit this vulnerability by sending a maliciously crafted FTP connection to transfer a file to an affected device. A successful exploit could allow... | Firepower_management_center | 8.6 | ||
| 2018-07-16 | CVE-2018-0370 | A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is due to improper handling of traffic when the Secure Sockets Layer (SSL) inspection policy is enabled. An attacker could exploit this vulnerability by sending malicious traffic through an affected device. An exploit could allow the attacker to... | Firepower_management_center | 7.5 | ||
| 2018-06-21 | CVE-2018-0365 | A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful... | Amp_7150_firmware, Amp_8150_firmware, Firepower_appliance_7010_firmware, Firepower_appliance_7020_firmware, Firepower_appliance_7030_firmware, Firepower_appliance_7050_firmware, Firepower_appliance_7110_firmware, Firepower_appliance_7115_firmware, Firepower_appliance_7120_firmware, Firepower_appliance_7125_firmware, Firepower_appliance_8120_firmware, Firepower_appliance_8130_firmware, Firepower_appliance_8140_firmware, Firepower_appliance_8250_firmware, Firepower_appliance_8260_firmware, Firepower_appliance_8270_firmware, Firepower_appliance_8290_firmware, Firepower_appliance_8350_firmware, Firepower_appliance_8360_firmware, Firepower_appliance_8370_firmware, Firepower_appliance_8390_firmware, Firepower_management_center, Firepower_management_center_1000_firmware, Firepower_management_center_2000_firmware, Firepower_management_center_2500_firmware, Firepower_management_center_4000_firmware, Firepower_management_center_4500_firmware, Firepower_management_center_virtual_appliance, Firesight_management_center_1500_firmware, Firesight_management_center_3500_firmware, Firesight_management_center_750_firmware, Ngips_virtual_appliance | 8.8 | ||
| 2018-06-07 | CVE-2018-0333 | A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerability is due to incorrect management of the configured interface names and VPN parameters when dynamic CLI configuration changes are performed. An attacker could exploit this vulnerability by sending... | Firepower_management_center | 5.8 | ||
| 2018-05-02 | CVE-2018-0283 | A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. The vulnerability is due to the incorrect handling of Transport Layer Security (TLS) TCP connection setup for the affected software. An attacker could exploit this vulnerability by sending crafted TLS traffic to an affected device. A... | Firepower_management_center | 5.8 | ||
| 2018-05-02 | CVE-2018-0281 | A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. The vulnerability is due to the incorrect handling of a Transport Layer Security (TLS) extension during TLS connection setup for the affected software. An attacker could exploit this vulnerability by sending a crafted TLS connection setup... | Firepower_management_center | 5.8 | ||
| 2018-04-19 | CVE-2018-0233 | A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition. The vulnerability is due to the affected software improperly handling changes to SSL connection states. An attacker could exploit this vulnerability by sending... | Firepower_management_center | 8.6 | ||
| 2017-11-16 | CVE-2017-12300 | A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect detection of an SMB2 file when the detection is based on the length of the file. An attacker could exploit this vulnerability by sending a crafted SMB2 transfer request through the targeted device. A successful exploit... | Firepower_management_center | 5.8 |