Cisco Firepower Management Center vulnerabilities
135 known vulnerabilities affecting cisco/cisco_firepower_management_center.
Total CVEs
135
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH31MEDIUM99
Vulnerabilities
Page 6 of 7
CVE-2019-1982MEDIUMCVSS 5.3≥ unspecified, < n/a2019-11-05
CVE-2019-1982 [MEDIUM] CWE-264 CVE-2019-1982: A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software,
A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those com
cvelistv5nvd
CVE-2019-15269MEDIUMCVSS 4.8≥ unspecified, < n/a2019-10-16
CVE-2019-15269 [MEDIUM] CWE-79 CVE-2019-15269: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based man
cvelistv5nvd
CVE-2019-15280MEDIUMCVSS 4.8≥ unspecified, < n/a2019-10-16
CVE-2019-15280 [MEDIUM] CWE-79 CVE-2019-15280: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based
cvelistv5nvd
CVE-2019-15268MEDIUMCVSS 4.8≥ unspecified, < n/a2019-10-16
CVE-2019-15268 [MEDIUM] CWE-79 CVE-2019-15268: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based man
cvelistv5nvd
CVE-2019-15270MEDIUMCVSS 5.4≥ unspecified, < n/a2019-10-16
CVE-2019-15270 [MEDIUM] CWE-79 CVE-2019-15270: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) cou
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management int
cvelistv5nvd
CVE-2019-12679HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12679 [HIGH] CWE-89 CVE-2019-12679: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL qu
cvelistv5nvd
CVE-2019-12688HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12688 [HIGH] CWE-119 CVE-2019-12688: A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenti
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow
cvelistv5nvd
CVE-2019-12683HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12683 [HIGH] CWE-89 CVE-2019-12683: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL qu
cvelistv5nvd
CVE-2019-12689HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12689 [HIGH] CWE-20 CVE-2019-12689: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending mal
cvelistv5nvd
CVE-2019-12687HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12687 [HIGH] CWE-119 CVE-2019-12687: A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenti
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow
cvelistv5nvd
CVE-2019-12684HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12684 [HIGH] CWE-89 CVE-2019-12684: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL qu
cvelistv5nvd
CVE-2019-12690HIGHCVSS 7.2≥ unspecified, < n/a2019-10-02
CVE-2019-12690 [HIGH] CWE-78 CVE-2019-12690: A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenti
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exp
cvelistv5nvd
CVE-2019-12681HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12681 [HIGH] CWE-89 CVE-2019-12681: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL qu
cvelistv5nvd
CVE-2019-12685HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12685 [HIGH] CWE-89 CVE-2019-12685: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL qu
cvelistv5nvd
CVE-2019-12682HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12682 [HIGH] CWE-89 CVE-2019-12682: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL qu
cvelistv5nvd
CVE-2019-12686HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12686 [HIGH] CWE-89 CVE-2019-12686: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL qu
cvelistv5nvd
CVE-2019-12680HIGHCVSS 8.8≥ unspecified, < n/a2019-10-02
CVE-2019-12680 [HIGH] CWE-89 CVE-2019-12680: Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL qu
cvelistv5nvd
CVE-2019-12691MEDIUMCVSS 4.9≥ unspecified, < n/a2019-10-02
CVE-2019-12691 [MEDIUM] CWE-22 CVE-2019-12691: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerabi
cvelistv5nvd
CVE-2019-12701MEDIUMCVSS 5.8≥ unspecified, < n/a2019-10-02
CVE-2019-12701 [MEDIUM] CWE-20 CVE-2019-12701: A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC
A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected software insufficiently validates incoming traffic. An attacker could exp
cvelistv5nvd
CVE-2019-12700MEDIUMCVSS 6.5≥ unspecified, < n/a2019-10-02
CVE-2019-12700 [MEDIUM] CWE-400 CVE-2019-12700: A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Fire
A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper resource ma
cvelistv5nvd