Vulnerabilities > Cisco > Firepower Threat Defense > 7.4.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-23 | CVE-2024-20412 | Use of Hard-coded Credentials vulnerability in Cisco Firepower Threat Defense A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. | 8.4 |
2024-10-23 | CVE-2024-20431 | Unspecified vulnerability in Cisco Firepower Threat Defense A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. | 5.8 |
2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |