Cisco Secure_firewall_management_center
27 CVEs affecting Cisco Secure_firewall_management_center. Latest disclosed: 2017-11-16. Critical: 0, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-6433 | High | 8.8 | 2016-10-06 | The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via craf… |
CVE-2016-1458 | High | 8.8 | 2016-08-18 | The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4.0.1 and Cisco Adaptive Security… |
CVE-2016-1457 | High | 8.8 | 2016-08-18 | The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software… |
CVE-2017-12245 | High | 8.6 | 2017-10-05 | A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion… |
CVE-2017-12244 | High | 8.6 | 2017-10-05 | A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause hi… |
CVE-2016-6368 | High | 8.6 | 2017-04-20 | A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauth… |
CVE-2016-6434 | High | 7.8 | 2016-10-06 | Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access… |
CVE-2016-9193 | High | 7.5 | 2016-12-14 | A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an u… |
CVE-2016-6439 | High | 7.5 | 2016-10-27 | A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote atta… |
CVE-2016-6419 | High | 7.5 | 2016-10-05 | SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via u… |
CVE-2017-6673 | Medium | 6.5 | 2017-06-13 | A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this infor… |
CVE-2016-6435 | Medium | 6.5 | 2016-10-06 | The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30… |
CVE-2016-1413 | Medium | 6.5 | 2016-05-28 | The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a par… |
CVE-2017-12220 | Medium | 6.1 | 2017-09-07 | A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflect… |
CVE-2016-6365 | Medium | 6.1 | 2016-08-23 | Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject… |
CVE-2016-1431 | Medium | 6.1 | 2016-06-18 | Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrar… |
CVE-2017-3885 | Medium | 5.9 | 2017-04-07 | A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, re… |
CVE-2017-12300 | Medium | 5.8 | 2017-11-16 | A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that i… |
CVE-2017-3814 | Medium | 5.8 | 2017-02-03 | A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certa… |
CVE-2017-3809 | Medium | 5.8 | 2017-02-03 | A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deplo… |