Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Firepower_threat_defense
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 202 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-10-27 | CVE-2021-40116 | Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the... | Firepower_management_center, Firepower_threat_defense, Snort | 7.5 | ||
| 2021-10-27 | CVE-2021-40117 | A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the... | Adaptive_security_appliance, Adaptive_security_appliance_software, Asa_5505_firmware, Asa_5512\-X_firmware, Asa_5515\-X_firmware, Asa_5525\-X_firmware, Asa_5545\-X_firmware, Asa_5555\-X_firmware, Asa_5580_firmware, Asa_5585\-X_firmware, Firepower_threat_defense | 7.5 | ||
| 2021-10-27 | CVE-2021-40118 | A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the... | Adaptive_security_appliance, Adaptive_security_appliance_software, Asa_5505_firmware, Asa_5512\-X_firmware, Asa_5515\-X_firmware, Asa_5525\-X_firmware, Asa_5545\-X_firmware, Asa_5555\-X_firmware, Asa_5580_firmware, Asa_5585\-X_firmware, Firepower_threat_defense | 7.5 | ||
| 2021-10-27 | CVE-2021-40125 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer... | Adaptive_security_appliance_software, Asa_5505_firmware, Asa_5512\-X_firmware, Asa_5515\-X_firmware, Asa_5525\-X_firmware, Asa_5545\-X_firmware, Asa_5555\-X_firmware, Asa_5580_firmware, Asa_5585\-X_firmware, Firepower_threat_defense | 6.5 | ||
| 2022-04-21 | CVE-2022-20795 | A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by... | Adaptive_security_appliance, Adaptive_security_appliance_software, Firepower_threat_defense | 7.5 | ||
| 2022-05-03 | CVE-2022-20751 | A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an... | Firepower_threat_defense | 7.5 | ||
| 2022-05-03 | CVE-2022-20729 | A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output. | Firepower_threat_defense | 7.8 | ||
| 2022-05-03 | CVE-2022-20730 | A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send... | Firepower_threat_defense | 7.5 | ||
| 2022-05-03 | CVE-2022-20742 | A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected... | Adaptive_security_appliance_software, Firepower_threat_defense | 7.4 | ||
| 2022-05-03 | CVE-2022-20745 | A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a crafted HTTPS request to an affected device. A successful exploit could allow the... | Adaptive_security_appliance_software, Firepower_threat_defense | 7.5 |