VYPR

Firepower Extensible Operating System

by Cisco Systems, Inc.

CVEs (32)

  • CVE-2015-6435CriJan 22, 2016
    risk 0.64cvss 9.8epss 0.09

    An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request,…

  • CVE-2017-12277HigNov 2, 2017
    risk 0.58cvss 8.8epss 0.04

    A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges.…

  • CVE-2017-3883HigOct 19, 2017
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability…

  • CVE-2017-6600HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More…

  • CVE-2017-6597HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection…

  • CVE-2017-6601HigApr 7, 2017
    risk 0.46cvss 7.1epss 0.01

    A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More…

  • CVE-2017-6598MedApr 7, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary…

  • CVE-2017-12329MedNov 30, 2017
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the…

  • CVE-2017-12299MedNov 16, 2017
    risk 0.35cvss 5.3epss 0.01

    A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker to send traffic to the local IP address of the device, bypassing any filters that…

  • CVE-2017-6602MedApr 7, 2017
    risk 0.29cvss 4.4epss 0.01

    A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More…

  • CVE-2024-20294Feb 28, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper…

  • CVE-2023-20234Aug 23, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a…

  • CVE-2023-20200Aug 23, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of…

  • CVE-2022-20934Nov 10, 2022
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation…

  • CVE-2022-20865Aug 25, 2022
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient…

  • CVE-2020-3455Oct 21, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by…

  • CVE-2020-3459Oct 21, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could…

  • CVE-2020-3545Sep 4, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could…

  • CVE-2020-3166Feb 26, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by…

  • CVE-2020-3169Feb 26, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of…

Page 1 of 2