Vulnerabilities > Cisco > Firepower Extensible Operating System > 2.7

DATE CVE VULNERABILITY TITLE RISK
2022-02-23 CVE-2022-20625 Unspecified vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition.
low complexity
cisco
4.3
2021-09-23 CVE-2021-34714 Improper Input Validation vulnerability in Cisco products
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload.
low complexity
cisco CWE-20
7.4
2020-10-21 CVE-2020-3459 OS Command Injection vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.
local
low complexity
cisco CWE-78
7.8
2020-10-21 CVE-2020-3457 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.
local
low complexity
cisco CWE-78
6.7
2020-10-21 CVE-2020-3455 Unspecified vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms.
local
low complexity
cisco
7.8
2020-02-26 CVE-2020-3172 Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device.
low complexity
cisco CWE-20
8.8
2020-02-05 CVE-2020-3120 Integer Overflow or Wraparound vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
low complexity
cisco CWE-190
6.5