Vulnerabilities > Cisco > Firepower Threat Defense
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-19 | CVE-2018-0244 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. | 5.0 |
| 2018-04-19 | CVE-2018-0243 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. | 5.0 |
| 2018-04-19 | CVE-2018-0240 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-04-19 | CVE-2018-0231 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-04-19 | CVE-2018-0230 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-04-19 | CVE-2018-0228 | Improper Locking vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. | 8.6 |
| 2018-04-19 | CVE-2018-0227 | Improper Certificate Validation vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. | 5.0 |
| 2018-02-08 | CVE-2018-0138 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. | 5.0 |
| 2018-01-29 | CVE-2018-0101 | Double Free vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. | 10.0 |
| 2017-05-22 | CVE-2017-6632 | Resource Exhaustion vulnerability in Cisco Firepower Threat Defense A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. | 7.8 |