Vulnerabilities > Cisco > Secure Firewall Management Center > 6.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-16 | CVE-2018-0385 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. | 7.5 |
| 2018-07-16 | CVE-2018-0384 | Protection Mechanism Failure vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. | 5.8 |
| 2018-06-21 | CVE-2018-0365 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-05-02 | CVE-2018-0283 | Cleartext Transmission of Sensitive Information vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. | 5.8 |
| 2018-05-02 | CVE-2018-0281 | Cleartext Transmission of Sensitive Information vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. | 5.8 |
| 2018-05-02 | CVE-2018-0278 | Incorrect Authorization vulnerability in Cisco Secure Firewall Management Center A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote attacker to access sensitive data about the system. | 6.5 |
| 2018-04-19 | CVE-2018-0233 | Resource Exhaustion vulnerability in Cisco Secure Firewall Management Center A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition. | 8.6 |
| 2017-10-05 | CVE-2017-12245 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Secure Firewall Management Center A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. | 8.6 |
| 2017-10-05 | CVE-2017-12244 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. | 8.6 |
| 2017-07-04 | CVE-2017-6717 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 5.4 |