VYPR

Firepower Device Manager (FDM) On-Box Software

by Cisco Systems, Inc.

CVEs (6)

  • CVE-2021-1518Jul 22, 2021
    risk 0.00cvss epss 0.02

    A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of…

  • CVE-2021-1489Apr 29, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to…

  • CVE-2021-1369Apr 29, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML…

  • CVE-2020-3188May 6, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of…

  • CVE-2020-3310May 6, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An…

  • CVE-2020-3309May 6, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could…