Vulnerabilities > Cisco > Firepower Management Center > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-3557 | Improper Certificate Validation vulnerability in Cisco Firepower Management Center A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.3 |
| 2020-10-21 | CVE-2020-3553 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2020-10-21 | CVE-2020-3515 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2020-10-21 | CVE-2020-3514 | Unspecified vulnerability in Cisco products A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. | 6.7 |
| 2020-10-08 | CVE-2020-3320 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 5.4 |
| 2020-05-06 | CVE-2020-3315 | Exposure of Resource to Wrong Sphere vulnerability in Cisco products Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. | 5.3 |
| 2020-05-06 | CVE-2020-3313 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software. | 6.1 |
| 2020-05-06 | CVE-2020-3311 | Open Redirect vulnerability in Cisco Firepower Management Center A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 6.1 |
| 2020-05-06 | CVE-2020-3308 | Improper Verification of Cryptographic Signature vulnerability in Cisco products A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. | 4.9 |
| 2020-05-06 | CVE-2020-3307 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device. | 5.3 |