Vulnerabilities > Cisco > Firepower Management Center Virtual Appliance > 6.4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-27	CVE-2021-34755	OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. local low complexity cisco CWE-78	7.8
2021-10-27	CVE-2021-34756	OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. local low complexity cisco CWE-78	7.8
2021-10-27	CVE-2021-34761	Exposure of Resource to Wrong Sphere vulnerability in Cisco products A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. local low complexity cisco CWE-668	6.0
2021-10-27	CVE-2021-34762	Path Traversal vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. network low complexity cisco CWE-22	8.1
2021-10-27	CVE-2021-34763	Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. network low complexity cisco CWE-79	4.8
2021-10-27	CVE-2021-34764	Open Redirect vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. network low complexity cisco CWE-601	6.1
2021-10-27	CVE-2021-34781	Improper Handling of Exceptional Conditions vulnerability in Cisco products A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. network low complexity cisco CWE-755	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.