Cisco Firepower Threat Defense Software vulnerabilities

170 known vulnerabilities affecting cisco/cisco_firepower_threat_defense_software.

Total CVEs: 170
CISA KEV: 4 (actively exploited)
Public exploits: 1
Exploited in wild: 4
Severity breakdown: CRITICAL 2, HIGH 82, MEDIUM 86

Vulnerabilities

Page 6 of 9
CVE-2022-20767 | HIGH | CVSS 7.5 | version: n/a | 2022-05-03
CWE-399. A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by
Sources: cvelistv5, nvd
CVE-2022-20748 | MEDIUM | CVSS 5.3 | version: n/a | 2022-05-03
CWE-664. A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker c
Sources: cvelistv5, nvd
CVE-2021-1573 | HIGH | CVSS 7.5 | version: ≥ unspecified, < 6.6.5 | 2022-01-11
CWE-121. A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit t
Sources: cvelistv5, nvd
CVE-2021-34704 | HIGH | CVSS 7.5 | version: ≥ unspecified, < 6.6.5 | 2022-01-11
CWE-121. A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit
Sources: cvelistv5, nvd
CVE-2021-34755 | HIGH | CVSS 7.8 | version: n/a | 2021-10-27
CWE-20. Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
Sources: cvelistv5, nvd
CVE-2021-40114 | HIGH | CVSS 7.5 | version: n/a | 2021-10-27
CWE-770. Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP
Sources: cvelistv5, nvd
CVE-2021-40116 | HIGH | CVSS 7.5 | version: n/a | 2021-10-27
CWE-241. Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints.
Sources: cvelistv5, nvd
CVE-2021-34754 | HIGH | CVSS 7.5 | version: n/a | 2021-10-27
CWE-284. Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attac
Sources: cvelistv5, nvd
CVE-2021-34756 | HIGH | CVSS 7.8 | version: n/a | 2021-10-27
CWE-20. Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
Sources: cvelistv5, nvd
CVE-2021-34761 | MEDIUM | CVSS 6.0 | version: n/a | 2021-10-27
CWE-73. A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. A
Sources: cvelistv5, nvd
CVE-2021-1518 | HIGH | CVSS 8.8 | version: n/a | 2021-07-22
CWE-94. A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of user input on specific REST API commands. An attacker could exploit this vulnerab
Sources: cvelistv5, nvd
CVE-2021-1448 | HIGH | CVSS 7.8 | version: n/a | 2021-04-29
CWE-20. A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments
Sources: cvelistv5, nvd
CVE-2021-1402 | HIGH | CVSS 8.6 | version: n/a | 2021-04-29
CWE-119. A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs softwa
Sources: cvelistv5, nvd
CVE-2021-1256 | MEDIUM | CVSS 6.0 | version: n/a | 2021-04-29
CWE-552. A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insuffi
Sources: cvelistv5, nvd
CVE-2021-1495 | MEDIUM | CVSS 5.3 | version: n/a | 2021-04-29
CWE-755. Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through a
Sources: cvelistv5, nvd
CVE-2021-1369 | MEDIUM | CVSS 5.4 | version: n/a | 2021-04-29
CWE-611. A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could
Sources: cvelistv5, nvd
CVE-2021-1489 | MEDIUM | CVSS 6.5 | version: n/a | 2021-04-29
CWE-400. A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker c
Sources: cvelistv5, nvd
CVE-2021-1223 | HIGH | CVSS 7.5 | version: n/a | 2021-01-13
CWE-693. Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected de
Sources: cvelistv5, nvd
CVE-2021-1236 | MEDIUM | CVSS 5.3 | version: n/a | 2021-01-13
CWE-670. Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would
Sources: cvelistv5, nvd
CVE-2021-1224 | MEDIUM | CVSS 5.3 | version: n/a | 2021-01-13
CWE-693. Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the
Sources: cvelistv5, nvd