Vulnerabilities > Cisco > Firepower Threat Defense

DATE CVE VULNERABILITY TITLE RISK
2017-05-22 CVE-2017-6632 Resource Exhaustion vulnerability in Cisco Firepower Threat Defense
A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources.
network
low complexity
cisco CWE-400
7.5
2017-05-03 CVE-2017-6625 Unspecified vulnerability in Cisco Firepower Threat Defense
A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition.
network
low complexity
cisco
7.1
2017-04-07 CVE-2017-3887 Improper Handling of Exceptional Conditions vulnerability in Cisco Firepower Threat Defense 6.0.1/6.1.0/6.2.0
A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts.
network
high complexity
cisco CWE-755
5.9
2017-02-03 CVE-2017-3822 Improper Input Validation vulnerability in Cisco Firepower Threat Defense 6.1.0
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log.
network
low complexity
cisco CWE-20
5.3
2017-02-03 CVE-2017-3806 OS Command Injection vulnerability in Cisco Firepower Threat Defense
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device.
local
low complexity
cisco CWE-78
5.3