Vulnerabilities > Cisco > Sourcefire Defense Center

DATE CVE VULNERABILITY TITLE RISK
2021-10-27 CVE-2021-34755 OS Command Injection vulnerability in Cisco products
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges.
local
low complexity
cisco CWE-78
7.8
2021-10-27 CVE-2021-34756 OS Command Injection vulnerability in Cisco products
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges.
local
low complexity
cisco CWE-78
7.8
2021-10-27 CVE-2021-34761 Exposure of Resource to Wrong Sphere vulnerability in Cisco products
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges.
local
low complexity
cisco CWE-668
6.0
2021-10-27 CVE-2021-34762 Path Traversal vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device.
network
low complexity
cisco CWE-22
8.1
2021-10-27 CVE-2021-34763 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack.
network
low complexity
cisco CWE-79
4.8
2021-10-27 CVE-2021-34764 Open Redirect vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack.
network
low complexity
cisco CWE-601
6.1
2021-10-27 CVE-2021-34781 Improper Handling of Exceptional Conditions vulnerability in Cisco products
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.
network
low complexity
cisco CWE-755
7.5
2020-10-08 CVE-2020-3320 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
5.4