Vulnerabilities > Cisco > Firepower Extensible Operating System > 2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-23 | CVE-2022-20625 | Unspecified vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. low complexity cisco | 4.3 |
| 2021-09-23 | CVE-2021-34714 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. | 7.4 |
| 2020-10-21 | CVE-2020-3459 | OS Command Injection vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.8 |
| 2020-10-21 | CVE-2020-3455 | Unspecified vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. | 7.8 |
| 2020-09-04 | CVE-2020-3545 | Out-of-bounds Write vulnerability in Cisco Firepower Extensible Operating System A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. | 6.7 |
| 2020-08-27 | CVE-2020-3517 | NULL Pointer Dereference vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. | 8.6 |
| 2020-02-26 | CVE-2020-3172 | Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. | 8.8 |
| 2020-02-26 | CVE-2020-3169 | OS Command Injection vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. | 6.7 |
| 2020-02-26 | CVE-2020-3167 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). | 7.8 |
| 2020-02-26 | CVE-2020-3166 | Improper Input Validation vulnerability in Cisco Firepower Threat Defense A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). | 6.7 |