Vulnerabilities > Cisco > Firepower Extensible Operating System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-11-19 | CVE-2015-6369 | Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531. | 4.9 |
| 2015-11-19 | CVE-2015-6368 | Information Exposure vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608. | 5.0 |
| 2015-11-18 | CVE-2015-6373 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611. | 6.8 |
| 2015-11-18 | CVE-2015-6372 | Cross-site Scripting vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614. | 4.3 |
| 2015-07-29 | CVE-2015-4287 | Permissions, Privileges, and Access Controls vulnerability in Cisco Firepower Extensible Operating System 1.1(1.86) Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 9000 devices allows remote attackers to bypass intended access restrictions and obtain sensitive device information by visiting an unspecified web page, aka Bug ID CSCuu82230. | 5.0 |