Vulnerabilities > Cisco > Firepower Management Center
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-07 | CVE-2017-12220 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2017-07-04 | CVE-2017-6717 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 3.5 |
| 2017-07-04 | CVE-2017-6716 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 3.5 |
| 2017-07-04 | CVE-2017-6715 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 3.5 |
| 2017-06-13 | CVE-2017-6673 | Information Exposure vulnerability in Cisco Firepower Management Center 6.1.0.2/6.2.0 A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. | 4.0 |
| 2017-04-20 | CVE-2016-6368 | Resource Management Errors vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. | 5.0 |
| 2017-04-07 | CVE-2017-3885 | Resource Exhaustion vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. | 7.1 |
| 2017-02-22 | CVE-2017-3847 | Cross-site Scripting vulnerability in Cisco Firepower Management Center 6.2.1 A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 3.5 |
| 2017-02-03 | CVE-2017-3814 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. | 5.0 |
| 2017-02-03 | CVE-2017-3809 | Improper Input Validation vulnerability in Cisco Firepower Management Center 6.1.0/6.2.0 A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base. | 5.0 |