Vulnerabilities > Cisco > Secure Firewall Management Center > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-02 CVE-2019-12681 SQL Injection vulnerability in Cisco Secure Firewall Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.
network
low complexity
cisco CWE-89
8.8
2019-10-02 CVE-2019-12680 SQL Injection vulnerability in Cisco Secure Firewall Management Center 6.2.2/6.2.3
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.
network
low complexity
cisco CWE-89
8.8
2019-10-02 CVE-2019-12679 SQL Injection vulnerability in Cisco Secure Firewall Management Center 6.2.2
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.
network
low complexity
cisco CWE-89
8.8
2019-08-08 CVE-2019-1970 Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system.
network
low complexity
cisco CWE-693
7.5
2019-05-16 CVE-2019-1832 Protection Mechanism Failure vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies.
network
low complexity
cisco CWE-693
7.5
2019-05-03 CVE-2019-1709 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack.
local
low complexity
cisco CWE-78
7.8
2019-05-03 CVE-2019-1699 OS Command Injection vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack.
local
low complexity
cisco CWE-78
7.8
2019-05-03 CVE-2019-1696 Resource Exhaustion vulnerability in Cisco products
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition.
low complexity
cisco CWE-400
7.4
2019-01-10 CVE-2018-15458 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Secure Firewall Management Center 6.2.2/6.2.3/6.3.0
A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-770
7.5
2018-07-16 CVE-2018-0385 Improper Input Validation vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting.
network
low complexity
cisco CWE-20
7.5