Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Firepower_threat_defense
(Cisco)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 205 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-11-15 | CVE-2022-20927 | A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific... | Adaptive_security_appliance_software, Firepower_services_software_for_asa, Firepower_threat_defense | 6.5 | ||
2022-11-15 | CVE-2022-20928 | A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The... | Adaptive_security_appliance_software, Firepower_threat_defense | 5.8 | ||
2022-11-15 | CVE-2022-20940 | A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit this vulnerability by sending crafted TLS messages to an affected device, which would act as an oracle and allow the attacker to carry out a... | Firepower_threat_defense | 5.3 | ||
2022-11-15 | CVE-2022-20943 | Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of... | Cyber_vision, Firepower_threat_defense, Meraki_mx_security_appliance_firmware | 5.8 | ||
2022-11-15 | CVE-2022-20946 | A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An attacker could exploit this vulnerability by sending a crafted GRE payload through an affected device. A successful exploit could allow the... | Firepower_threat_defense | 7.5 | ||
2022-11-15 | CVE-2022-20949 | A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly restricted on an affected device. An attacker could exploit this vulnerability by sending specific messages to the affected HTTPS handler. A successful exploit could allow the attacker to perform... | Firepower_threat_defense | 4.9 | ||
2022-11-15 | CVE-2022-20950 | A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vulnerability by sending a stream of crafted SIP traffic through an interface on the targeted device. A successful exploit could allow the... | Firepower_threat_defense | 5.3 | ||
2023-06-28 | CVE-2023-20006 | A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when... | Adaptive_security_appliance_software, Firepower_threat_defense | 7.5 | ||
2023-11-01 | CVE-2023-20086 | A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause... | Adaptive_security_appliance_software, Firepower_threat_defense | 8.6 | ||
2023-11-01 | CVE-2023-20244 | A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit... | Firepower_threat_defense | 8.6 |