Vulnerabilities > Cisco > Firepower Threat Defense > High

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-3572 Memory Leak vulnerability in Cisco Firepower Threat Defense
A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-401
8.6
2020-10-21 CVE-2020-3571 Improper Input Validation vulnerability in Cisco Firepower Threat Defense
A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-20
8.6
2020-10-21 CVE-2020-3563 Resource Exhaustion vulnerability in Cisco Firepower Threat Defense
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-400
8.6
2020-10-21 CVE-2020-3562 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Threat Defense 6.3.0/6.4.0/6.5.0
A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-119
8.6
2020-10-21 CVE-2020-3555 Improper Resource Shutdown or Release vulnerability in Cisco Firepower Threat Defense
A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-404
7.5
2020-10-21 CVE-2020-3554 Resource Exhaustion vulnerability in Cisco products
A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-400
7.5
2020-10-21 CVE-2020-3550 Path Traversal vulnerability in Cisco products
A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path.
network
low complexity
cisco CWE-22
8.1
2020-10-21 CVE-2020-3549 Inadequate Encryption Strength vulnerability in Cisco Firepower Threat Defense
A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash.
network
high complexity
cisco CWE-326
8.1
2020-10-21 CVE-2020-3533 Resource Exhaustion vulnerability in Cisco Firepower Threat Defense
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly.
network
low complexity
cisco CWE-400
7.5
2020-10-21 CVE-2020-3529 Resource Exhaustion vulnerability in Cisco products
A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.5