Vulnerabilities > Cisco > Firepower Threat Defense > 6.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-06 | CVE-2020-3303 | Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2020-05-06 | CVE-2020-3298 | Out-of-bounds Read vulnerability in Cisco Firepower Threat Defense A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition. | 7.5 |
| 2020-05-06 | CVE-2020-3253 | Unspecified vulnerability in Cisco Firepower Threat Defense A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. | 7.2 |
| 2020-02-26 | CVE-2020-3167 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). | 7.8 |
| 2020-02-26 | CVE-2020-3166 | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). | 6.7 |
| 2019-10-02 | CVE-2019-15256 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2019-10-02 | CVE-2019-12700 | Unspecified vulnerability in Cisco products A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 6.5 |
| 2019-10-02 | CVE-2019-12699 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. | 7.8 |
| 2019-10-02 | CVE-2019-12698 | Unspecified vulnerability in Cisco Adaptive Security Appliance A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. | 7.5 |
| 2019-10-02 | CVE-2019-12695 | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |