Vulnerabilities > Cisco > Firepower Management Center > 5.3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-13 | CVE-2021-1267 | XML Entity Expansion vulnerability in Cisco Firepower Management Center A vulnerability in the dashboard widget of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 4.0 |
2021-01-13 | CVE-2021-1239 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. | 3.5 |
2021-01-13 | CVE-2021-1238 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. | 3.5 |
2021-01-13 | CVE-2021-1126 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Firepower Management Center A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center (FMC) could allow an authenticated, local attacker to view credentials for a configured proxy server. | 2.1 |
2020-10-21 | CVE-2020-3557 | Improper Certificate Validation vulnerability in Cisco Firepower Management Center A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.3 |
2020-10-21 | CVE-2020-3514 | Unspecified vulnerability in Cisco products A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. | 6.7 |
2020-09-23 | CVE-2019-15992 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. | 7.2 |
2020-05-06 | CVE-2020-3302 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. | 8.5 |
2019-10-02 | CVE-2019-12700 | Unspecified vulnerability in Cisco products A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 6.5 |
2016-10-27 | CVE-2016-6439 | Resource Management Errors vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. | 4.3 |