Vulnerabilities > Cisco > Secure Firewall Management Center > 6.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-12683 | SQL Injection vulnerability in Cisco Secure Firewall Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. | 8.8 |
| 2019-08-08 | CVE-2019-1949 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.8 |
| 2019-05-16 | CVE-2019-1833 | Protection Mechanism Failure vulnerability in Cisco Secure Firewall Management Center A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. | 5.8 |
| 2019-05-03 | CVE-2019-1699 | OS Command Injection vulnerability in Cisco Secure Firewall Management Center A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |
| 2019-02-07 | CVE-2019-1671 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 6.1 |
| 2018-07-16 | CVE-2018-0385 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. | 7.5 |
| 2018-07-16 | CVE-2018-0384 | Protection Mechanism Failure vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. | 5.8 |
| 2018-06-21 | CVE-2018-0365 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-05-02 | CVE-2018-0283 | Cleartext Transmission of Sensitive Information vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. | 5.8 |
| 2018-05-02 | CVE-2018-0281 | Cleartext Transmission of Sensitive Information vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. | 5.8 |