VYPR

Firepower Management Center (FMC) Software

by Cisco Systems, Inc.

CVEs (153)

  • CVE-2016-1431MedJun 18, 2016
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516.

  • CVE-2019-1981MedNov 5, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The…

  • CVE-2019-12701MedOct 2, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected…

  • CVE-2018-15443MedNov 8, 2018
    risk 0.38cvss 5.8epss 0.03

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured Intrusion Prevention System (IPS) rule that inspects certain types of TCP traffic. The vulnerability is due to incorrect TCP…

  • CVE-2021-1126MedJan 13, 2021
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center (FMC) could allow an authenticated, local attacker to view credentials for a configured proxy server. The vulnerability is due to clear-text storage and weak permissions of related…

  • CVE-2022-20941MedNov 15, 2022
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based…

  • CVE-2022-20629MedMay 3, 2022
    risk 0.35cvss 5.4epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2022-20628MedMay 3, 2022
    risk 0.35cvss 5.4epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2022-20627MedMay 3, 2022
    risk 0.35cvss 5.4epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2020-3557MedOct 21, 2020
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper certificate validation. An…

  • CVE-2020-3320MedOct 8, 2020
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability…

  • CVE-2020-3307MedMay 6, 2020
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device. The vulnerability is due to insufficient input validation. An attacker could…

  • CVE-2019-1982MedNov 5, 2019
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The…

  • CVE-2019-1980MedNov 5, 2019
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The…

  • CVE-2019-15270MedOct 16, 2019
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to…

  • CVE-2018-15458MedJan 10, 2019
    risk 0.35cvss 5.3epss 0.03

    A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.…

  • CVE-2017-12221MedSep 7, 2017
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient…

  • CVE-2016-6396MedSep 12, 2016
    risk 0.35cvss 5.3epss 0.01

    Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482.

  • CVE-2016-6395MedSep 12, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID…

  • CVE-2016-1342MedFeb 26, 2016
    risk 0.35cvss 5.3epss 0.01

    The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654.

Page 4 of 8