Vulnerabilities > Cisco > Firepower 4125 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-23 CVE-2023-20200 Incorrect Permission Assignment for Critical Resource vulnerability in Cisco products
A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the improper handling of specific SNMP requests.
network
high complexity
cisco CWE-732
6.3
2022-08-25 CVE-2022-20865 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.
local
low complexity
cisco CWE-78
6.7
2019-10-02 CVE-2019-12675 Improper Encoding or Escaping of Output vulnerability in Cisco products
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace.
local
low complexity
cisco CWE-116
8.8
2019-10-02 CVE-2019-12674 Improper Encoding or Escaping of Output vulnerability in Cisco products
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace.
local
low complexity
cisco CWE-116
8.2