Product:

Firepower_threat_defense

(Cisco)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 205
Date Id Summary Products Score Patch Annotated
2018-04-19 CVE-2018-0244 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is... Firepower_threat_defense 5.8
2018-04-19 CVE-2018-0243 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request... Firepower_threat_defense 5.8
2018-02-08 CVE-2018-0138 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit... Firepower_threat_defense 5.3
2017-05-22 CVE-2017-6632 A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful... Firepower_threat_defense 7.5
2017-05-03 CVE-2017-6625 A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an... Firepower_threat_defense 7.1
2019-10-02 CVE-2019-12694 A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a specific CLI command that includes crafted arguments. A successful exploit could allow the attacker to execute commands on... Firepower_threat_defense N/A
2019-10-02 CVE-2019-12675 Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the... Firepower_4110_firmware, Firepower_4115_firmware, Firepower_4120_firmware, Firepower_4125_firmware, Firepower_4140_firmware, Firepower_4145_firmware, Firepower_4150_firmware, Firepower_9300_firmware, Firepower_threat_defense N/A
2019-10-02 CVE-2019-12674 Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the... Firepower_4110_firmware, Firepower_4115_firmware, Firepower_4120_firmware, Firepower_4125_firmware, Firepower_4140_firmware, Firepower_4145_firmware, Firepower_4150_firmware, Firepower_9300_firmware, Firepower_threat_defense N/A
2017-04-07 CVE-2017-3887 A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed release when it is configured with an SSL Decrypt-Resign policy. More Information: CSCvb62292. Known Affected Releases: 6.0.1 6.1.0 6.2.0. Known... Firepower_threat_defense 5.9
2019-08-08 CVE-2019-1970 A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow... Firepower_management_center, Firepower_threat_defense 7.5