Vulnerabilities > Cisco > Secure Firewall Management Center > 6.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-23 | CVE-2019-16028 | Improper Authentication vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | 9.8 |
| 2020-09-23 | CVE-2019-15992 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. | 7.2 |
| 2020-05-06 | CVE-2020-3313 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software. | 6.1 |
| 2020-05-06 | CVE-2020-3311 | Open Redirect vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 6.1 |
| 2020-05-06 | CVE-2020-3308 | Improper Verification of Cryptographic Signature vulnerability in Cisco products A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. | 4.9 |
| 2020-05-06 | CVE-2020-3307 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device. | 5.3 |
| 2020-05-06 | CVE-2020-3302 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. | 8.1 |
| 2019-10-02 | CVE-2019-12700 | Unspecified vulnerability in Cisco products A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 6.5 |
| 2019-10-02 | CVE-2019-12691 | Path Traversal vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. | 4.9 |
| 2019-10-02 | CVE-2019-12690 | OS Command Injection vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. | 7.2 |