Vulnerabilities > Cisco > Secure Firewall Management Center > 7.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-23 | CVE-2024-20482 | Incorrect Authorization vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to elevate privileges on an affected device. | 6.5 |
| 2024-10-23 | CVE-2024-20264 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 5.4 |
| 2024-10-23 | CVE-2024-20269 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 5.4 |
| 2024-10-23 | CVE-2024-20273 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2024-10-23 | CVE-2024-20300 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 5.4 |
| 2024-10-23 | CVE-2024-20340 | SQL Injection vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. | 6.5 |
| 2024-05-22 | CVE-2024-20360 | SQL Injection vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.8 |
| 2023-11-01 | CVE-2023-20048 | Incorrect Authorization vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. | 9.9 |
| 2023-11-01 | CVE-2023-20219 | Command Injection vulnerability in Cisco Secure Firewall Management Center Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. | 8.8 |
| 2023-11-01 | CVE-2023-20220 | Command Injection vulnerability in Cisco Secure Firewall Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. | 8.8 |