Vulnerabilities > Cisco > Firepower Threat Defense > 6.3.0.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-26 | CVE-2020-3166 | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). | 6.7 |
2019-10-02 | CVE-2019-12698 | Unspecified vulnerability in Cisco Adaptive Security Appliance A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. | 7.5 |
2019-10-02 | CVE-2019-12695 | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
2019-10-02 | CVE-2019-12675 | Improper Encoding or Escaping of Output vulnerability in Cisco products Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. | 7.2 |
2019-10-02 | CVE-2019-12674 | Improper Encoding or Escaping of Output vulnerability in Cisco products Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. | 7.2 |
2019-08-21 | CVE-2019-12627 | Improper Access Control vulnerability in Cisco Firepower Threat Defense A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. | 5.0 |
2019-08-08 | CVE-2019-1970 | Protection Mechanism Failure vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. | 5.0 |