Vulnerabilities > Cisco > Firepower Management Center > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-27 | CVE-2021-40114 | Memory Leak vulnerability in multiple products Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2021-10-27 | CVE-2021-40116 | Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. | 7.5 |
| 2021-08-18 | CVE-2021-34749 | Information Exposure vulnerability in Cisco products A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host. | 8.6 |
| 2021-01-13 | CVE-2021-1223 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. | 7.5 |
| 2020-10-21 | CVE-2020-3550 | Path Traversal vulnerability in Cisco products A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. | 8.1 |
| 2020-10-21 | CVE-2020-3549 | Inadequate Encryption Strength vulnerability in Cisco Firepower Management Center A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. | 8.1 |
| 2020-10-21 | CVE-2020-3499 | Resource Exhaustion vulnerability in Cisco Firepower Management Center A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected system. | 8.6 |
| 2020-10-21 | CVE-2020-3410 | Improper Authentication vulnerability in Cisco Firepower Management Center 6.6.0/6.6.0.1 A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. | 8.1 |
| 2020-09-23 | CVE-2019-15992 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. | 7.2 |
| 2020-05-06 | CVE-2020-3312 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Firepower Management Center A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device. | 7.5 |