Vulnerabilities > Cisco > Firepower Threat Defense
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-15398 | Unspecified vulnerability in Cisco products A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. | 4.0 |
| 2018-10-05 | CVE-2018-15390 | Improper Locking vulnerability in Cisco Firepower Threat Defense A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.1 |
| 2018-10-05 | CVE-2018-15383 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco products A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. | 7.5 |
| 2018-10-05 | CVE-2018-0453 | OS Command Injection vulnerability in Cisco Firepower Threat Defense A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. | 7.2 |
| 2018-06-07 | CVE-2018-0296 | Path Traversal vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 7.5 |
| 2018-05-17 | CVE-2018-0297 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. | 5.0 |
| 2018-04-19 | CVE-2018-0254 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. | 5.0 |
| 2018-04-19 | CVE-2018-0244 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. | 5.0 |
| 2018-04-19 | CVE-2018-0243 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. | 5.0 |
| 2018-04-19 | CVE-2018-0240 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |