Vulnerabilities > Cisco > Firepower Management Center > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-12688 | Improper Input Validation vulnerability in Cisco Firepower Management Center 6.2.2 A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. | 9.0 |
| 2019-10-02 | CVE-2019-12689 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. | 9.0 |
| 2019-10-02 | CVE-2019-12690 | OS Command Injection vulnerability in Cisco Firepower Management Center A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. | 9.0 |
| 2016-10-06 | CVE-2016-6433 | Improper Input Validation vulnerability in Cisco Firepower Management Center The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872. | 9.0 |
| 2016-08-18 | CVE-2016-1457 | Permissions, Privileges, and Access Controls vulnerability in Cisco Firepower Management Center The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 allows remote authenticated users to execute arbitrary commands as root via crafted HTTP requests, aka Bug ID CSCur25513. | 9.0 |
| 2016-08-18 | CVE-2016-1458 | Permissions, Privileges, and Access Controls vulnerability in Cisco Firepower Management Center The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4.0.1 allows remote authenticated users to increase user-account privileges via crafted HTTP requests, aka Bug ID CSCur25483. | 9.0 |