Vulnerabilities > Cisco > Firepower Management Center > 6.4.0.17
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-23 | CVE-2024-20372 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2024-10-23 | CVE-2024-20386 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2024-10-23 | CVE-2024-20387 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. | 5.4 |
| 2024-10-23 | CVE-2024-20388 | Unspecified vulnerability in Cisco products A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication of password update responses. | 5.3 |
| 2024-10-23 | CVE-2024-20403 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 5.4 |
| 2024-10-23 | CVE-2024-20409 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2024-10-23 | CVE-2024-20410 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2024-10-23 | CVE-2024-20415 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |