Vulnerabilities > Cisco > Adaptive Security Appliance Software > 9.12.4.7

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-3580 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2020-02-26 CVE-2020-3166 Improper Input Validation vulnerability in Cisco Firepower Threat Defense
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS).
local
low complexity
cisco CWE-20
6.7