Vulnerabilities > Cisco > Firepower Threat Defense > 6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-12695 | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2019-10-02 | CVE-2019-12694 | Improper Input Validation vulnerability in Cisco Firepower Threat Defense A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. | 6.7 |
| 2019-10-02 | CVE-2019-12678 | Integer Underflow (Wrap or Wraparound) vulnerability in Cisco products A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-10-02 | CVE-2019-12676 | Unspecified vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. low complexity cisco | 7.4 |
| 2019-10-02 | CVE-2019-12675 | Improper Encoding or Escaping of Output vulnerability in Cisco products Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. | 8.8 |
| 2019-10-02 | CVE-2019-12674 | Improper Encoding or Escaping of Output vulnerability in Cisco products Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. | 8.2 |
| 2019-10-02 | CVE-2019-12673 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-08-21 | CVE-2019-12627 | Unspecified vulnerability in Cisco Firepower Threat Defense A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. | 7.5 |
| 2019-08-08 | CVE-2019-1970 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. | 7.5 |
| 2019-05-03 | CVE-2019-1697 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.5 |