Vulnerabilities > Cisco > Firepower Management Center > 6.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-21 | CVE-2018-0365 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 6.8 |
| 2018-05-02 | CVE-2018-0283 | Cleartext Transmission of Sensitive Information vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. | 5.0 |
| 2018-05-02 | CVE-2018-0281 | Cleartext Transmission of Sensitive Information vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. | 5.0 |
| 2018-05-02 | CVE-2018-0278 | Incorrect Authorization vulnerability in Cisco Firepower Management Center A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote attacker to access sensitive data about the system. | 4.3 |
| 2018-04-19 | CVE-2018-0233 | Resource Exhaustion vulnerability in Cisco Firepower Management Center A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition. | 7.8 |
| 2017-10-05 | CVE-2017-12245 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Firepower Management Center A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. | 5.0 |
| 2017-10-05 | CVE-2017-12244 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. | 5.0 |
| 2017-07-04 | CVE-2017-6717 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 3.5 |
| 2017-06-13 | CVE-2017-6673 | Information Exposure vulnerability in Cisco Firepower Management Center 6.1.0.2/6.2.0 A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. | 4.0 |
| 2017-04-07 | CVE-2017-3885 | Resource Exhaustion vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. | 7.1 |