VYPR

Firepower Management Center (FMC) Software

by Cisco Systems, Inc.

CVEs (153)

  • CVE-2020-3499HigOct 21, 2020
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected…

  • CVE-2016-6434HigOct 6, 2016
    risk 0.54cvss 7.8epss 0.01

    Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.

  • CVE-2023-20063HigNov 1, 2023
    risk 0.53cvss 8.2epss 0.00

    A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary…

  • CVE-2021-34762HigOct 27, 2021
    risk 0.53cvss 8.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The…

  • CVE-2020-3550HigOct 21, 2020
    risk 0.53cvss 8.1epss 0.02

    A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The…

  • CVE-2020-3549HigOct 21, 2020
    risk 0.53cvss 8.1epss 0.01

    A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient…

  • CVE-2020-3410HigOct 21, 2020
    risk 0.53cvss 8.1epss 0.01

    A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the…

  • CVE-2020-3302HigMay 6, 2020
    risk 0.53cvss 8.1epss 0.02

    A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this…

  • CVE-2023-20155HigNov 1, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user…

  • CVE-2022-20918HigNov 15, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center (FMC) Software, and Cisco Next-Generation Intrusion Prevention System (NGIPS)…

  • CVE-2022-20854HigNov 15, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This…

  • CVE-2016-9193HigDec 14, 2016
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco…

  • CVE-2016-6419HigOct 5, 2016
    risk 0.49cvss 7.5epss 0.01

    SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.

  • CVE-2016-6411HigSep 24, 2016
    risk 0.49cvss 7.5epss 0.01

    Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585.

  • CVE-2016-6435MedOct 6, 2016
    risk 0.48cvss 6.5epss 0.37

    The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.

  • CVE-2023-20220HigNov 1, 2023
    risk 0.47cvss 7.2epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. To exploit these vulnerabilities, the attacker must…

  • CVE-2023-20219HigNov 1, 2023
    risk 0.47cvss 7.2epss 0.01

    Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does…

  • CVE-2019-12690HigOct 2, 2019
    risk 0.47cvss 7.2epss 0.04

    A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. The vulnerability is due to…

  • CVE-2022-20743MedMay 3, 2022
    risk 0.43cvss 6.5epss 0.04

    A vulnerability in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to bypass security protections and upload malicious files to the affected system. This vulnerability is due to improper validation of…

  • CVE-2019-1642MedJan 23, 2019
    risk 0.43cvss 6.1epss 0.04

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.…

Page 2 of 8