Vulnerabilities > Cisco > Firepower Management Center Virtual Appliance
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-27 | CVE-2021-34755 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. | 7.8 |
| 2021-10-27 | CVE-2021-34756 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. | 7.8 |
| 2021-10-27 | CVE-2021-34761 | Exposure of Resource to Wrong Sphere vulnerability in Cisco products A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. | 6.0 |
| 2021-10-27 | CVE-2021-34762 | Path Traversal vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. | 8.1 |
| 2021-10-27 | CVE-2021-34763 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. | 4.8 |
| 2021-10-27 | CVE-2021-34764 | Open Redirect vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. | 6.1 |
| 2021-10-27 | CVE-2021-34781 | Improper Handling of Exceptional Conditions vulnerability in Cisco products A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. | 7.5 |
| 2018-06-21 | CVE-2018-0365 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 6.8 |