Vulnerabilities > Cisco > Secure Firewall Management Center > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-27 CVE-2021-40114 Memory Leak vulnerability in multiple products
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco snort CWE-401
7.5
2021-10-27 CVE-2021-40116 Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints.
network
low complexity
cisco snort
7.5
2021-08-18 CVE-2021-34749 Information Exposure vulnerability in Cisco products
A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host.
network
low complexity
cisco CWE-200
8.6
2021-01-13 CVE-2021-1223 Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.
network
low complexity
cisco snort
7.5
2020-10-21 CVE-2020-3550 Path Traversal vulnerability in Cisco products
A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path.
network
low complexity
cisco CWE-22
8.1
2020-10-21 CVE-2020-3549 Inadequate Encryption Strength vulnerability in Cisco Firepower Threat Defense
A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash.
network
high complexity
cisco CWE-326
8.1
2020-10-21 CVE-2020-3499 Resource Exhaustion vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected system.
network
low complexity
cisco CWE-400
8.6
2020-10-21 CVE-2020-3410 Improper Authentication vulnerability in Cisco Secure Firewall Management Center 6.6.0/6.6.0.1
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system.
network
high complexity
cisco CWE-287
8.1
2020-09-23 CVE-2019-15992 Out-of-bounds Write vulnerability in Cisco products
A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device.
network
low complexity
cisco CWE-787
7.2
2020-05-06 CVE-2020-3312 Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device.
network
low complexity
cisco CWE-732
7.5