Vulnerabilities > Cisco > Firepower Management Center > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-15 CVE-2022-20936 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface.
network
low complexity
cisco CWE-79
4.8
2022-11-15 CVE-2022-20938 XXE vulnerability in Cisco Firepower Management Center
A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view sensitive information. This vulnerability is due to insufficient validation of the XML syntax when importing a module.
network
low complexity
cisco CWE-611
4.3
2022-11-15 CVE-2022-20941 Missing Authorization vulnerability in Cisco Firepower Management Center
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based management interface together with insufficient entropy in these resource names.
network
low complexity
cisco CWE-862
5.3
2022-05-03 CVE-2022-20627 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
5.4
2022-05-03 CVE-2022-20628 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
5.4
2022-05-03 CVE-2022-20629 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
5.4
2022-05-03 CVE-2022-20740 Cross-site Scripting vulnerability in Cisco Firepower Management Center
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack.
network
low complexity
cisco CWE-79
6.1
2022-05-03 CVE-2022-20744 Unspecified vulnerability in Cisco Firepower Management Center
A vulnerability in the input protection mechanisms of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view data without proper authorization.
network
low complexity
cisco
6.5
2021-04-29 CVE-2021-1477 Unspecified vulnerability in Cisco Firepower Management Center
A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access services beyond the scope of their authorization.
network
low complexity
cisco
4.3
2021-04-29 CVE-2021-1458 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
4.8