Cisco Firepower Threat Defense Software vulnerabilities

170 known vulnerabilities affecting cisco/cisco_firepower_threat_defense_software.

Total CVEs

170

CISA KEV

4

actively exploited

Public exploits

1

Exploited in wild

4

Severity breakdown

CRITICAL2HIGH82MEDIUM86

Vulnerabilities

Page 9 of 9

CVE-2018-15462HIGHCVSS 7.5≥ unspecified, < 6.2.3.12≥ unspecified, < 6.3.0.32019-05-03

CVE-2018-15462 [HIGH] CWE-399 CVE-2018-15462: A vulnerability in the TCP ingress handler for the data interfaces that are configured with manageme A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress T

CVE-2019-1703HIGHCVSS 8.6≥ unspecified, < 6.2.3.122019-05-03

CVE-2019-1703 [HIGH] CWE-400 CVE-2019-1703: A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (F A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may

CVE-2019-1715HIGHCVSS 7.5≥ unspecified, < 6.2.3.12≥ unspecified, < 6.3.0.32019-05-03

CVE-2019-1715 [HIGH] CWE-332 CVE-2019-1715: A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private k

CVE-2019-1695MEDIUMCVSS 6.5≥ unspecified, < 6.2.3.12≥ unspecified, < 6.3.0.32019-05-03

CVE-2019-1695 [MEDIUM] CWE-284 CVE-2019-1695: A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisc A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected d

CVE-2019-1693MEDIUMCVSS 6.5≥ unspecified, < 6.2.3.12≥ unspecified, < 6.3.0.32019-05-03

CVE-2019-1693 [MEDIUM] CWE-399 CVE-2019-1693: A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An a

CVE-2019-1701MEDIUMCVSS 4.8≥ unspecified, < 6.2.3.12≥ unspecified, < 6.3.0.32019-05-03

CVE-2019-1701 [MEDIUM] CWE-79 CVE-2019-1701: Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software a Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insuff

CVE-2019-1691MEDIUMCVSS 5.8≥ unspecified, < 6.2.3.42019-02-21

CVE-2019-1691 [MEDIUM] CWE-20 CVE-2019-1691: A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an un A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connectio

CVE-2019-1669HIGHCVSS 8.6vn/a2019-01-24

CVE-2019-1669 [HIGH] CWE-693 CVE-2019-1669: A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Soft A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecti

CVE-2018-15390MEDIUMCVSS 6.8vn/a2018-10-05

CVE-2018-15390 [MEDIUM] CWE-399 CVE-2018-15390: A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system

CVE-2018-0297MEDIUMCVSS 5.8vCisco Firepower Threat Defense Software2018-05-17

CVE-2018-0297 [MEDIUM] CWE-693 CVE-2018-0297: A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configu A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets rec

← Previous9 / 9