Vulnerabilities > Cisco > Firepower Management Center > 6.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-08 | CVE-2020-3320 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |
| 2020-09-23 | CVE-2019-15992 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. | 7.2 |
| 2020-05-06 | CVE-2020-3318 | Use of Hard-coded Credentials vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. | 7.5 |
| 2020-05-06 | CVE-2020-3312 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Firepower Management Center A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device. | 5.0 |
| 2020-05-06 | CVE-2020-3307 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device. | 5.0 |
| 2020-05-06 | CVE-2020-3301 | Use of Hard-coded Credentials vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. | 2.1 |
| 2019-10-16 | CVE-2019-15280 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. | 3.5 |
| 2019-10-02 | CVE-2019-12690 | OS Command Injection vulnerability in Cisco Firepower Management Center A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. | 9.0 |
| 2019-10-02 | CVE-2019-12686 | SQL Injection vulnerability in Cisco Firepower Management Center 6.2.3/6.3.0 Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. | 9.0 |
| 2019-08-08 | CVE-2019-1970 | Protection Mechanism Failure vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. | 5.0 |