VYPR

Firepower Management Center (FMC) Software

by Cisco Systems, Inc.

CVEs (153)

  • CVE-2023-20114MedNov 1, 2023
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system. This vulnerability is due to a lack of input sanitation. An attacker could exploit…

  • CVE-2022-20744MedMay 3, 2022
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the input protection mechanisms of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view data without proper authorization. This vulnerability exists because of a protection mechanism that relies on the…

  • CVE-2019-12700MedOct 2, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of…

  • CVE-2016-6471MedDec 14, 2016
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password. More Information: CSCvb19366. Known Affected Releases: 5.4.1.6.

  • CVE-2016-6420MedOct 5, 2016
    risk 0.42cvss 6.5epss 0.02

    Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467.

  • CVE-2016-1413MedMay 28, 2016
    risk 0.42cvss 6.5epss 0.01

    The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517.

  • CVE-2022-20926MedNov 15, 2022
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to insufficient validation of…

  • CVE-2022-20925MedNov 15, 2022
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to insufficient validation of…

  • CVE-2019-1978MedNov 5, 2019
    risk 0.41cvss 5.8epss 0.09

    A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The…

  • CVE-2023-20206MedNov 1, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These…

  • CVE-2022-20740MedMay 3, 2022
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. This vulnerability is due to improper validation of user-supplied input to the…

  • CVE-2020-3553MedOct 21, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2020-3515MedOct 21, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2020-3313MedMay 6, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software. The vulnerability is due to…

  • CVE-2020-3311MedMay 6, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of HTTP request parameters. An attacker…

  • CVE-2019-1931MedJul 6, 2019
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of…

  • CVE-2019-1930MedJul 6, 2019
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of…

  • CVE-2019-1671MedFeb 7, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The…

  • CVE-2017-12220MedSep 7, 2017
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2016-6365MedAug 23, 2016
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518.

Page 3 of 8