Vulnerabilities > Cisco > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-01 CVE-2023-20267 Unspecified vulnerability in Cisco Firepower Threat Defense
A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions.
network
low complexity
cisco
5.3
2023-11-01 CVE-2023-20005 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2023-11-01 CVE-2023-20041 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2023-11-01 CVE-2023-20074 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2023-11-01 CVE-2023-20114 Improper Input Validation vulnerability in Cisco Firepower Management Center
A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system.
network
low complexity
cisco CWE-20
6.5
2023-11-01 CVE-2023-20155 Resource Exhaustion vulnerability in Cisco Firepower Management Center
A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload.
network
low complexity
cisco CWE-400
6.5
2023-11-01 CVE-2023-20177 Unspecified vulnerability in Cisco Firepower Threat Defense
A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart.
network
high complexity
cisco
4.0
2023-11-01 CVE-2023-20206 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2023-11-01 CVE-2023-20213 Unspecified vulnerability in Cisco Identity Services Engine
A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of the CDP process on an affected device.
low complexity
cisco
4.3
2023-11-01 CVE-2023-20245 Unspecified vulnerability in Cisco Adaptive Security Appliance Software
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device.
network
low complexity
cisco
5.8