Cisco Firepower 9000 Firmware vulnerabilities

CVE-2019-1649 [MEDIUM] CWE-284 CVE-2019-1649: A vulnerability in the logic that handles access control to one of the hardware components in Cisco' A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vuln

CVE-2019-1700 [MEDIUM] CWE-399 CVE-2019-1700: A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Fire A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. Manual intervention may be required before a devic

CVE-2018-0305 [HIGH] CWE-476 CVE-2018-0305: A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets. An attacker could exploi

CVE-2018-0304 [CRITICAL] CWE-20 CVE-2018-0304: A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root. The vulnerability exists because the affected software insufficiently validates Cisco Fa

CVE-2018-0314 [CRITICAL] CWE-20 CVE-2018-0314: A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers when the software processes pa

CVE-2018-0308 [CRITICAL] CWE-20 CVE-2018-0308: A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. A

CVE-2018-0312 [CRITICAL] CWE-20 CVE-2018-0312: A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packe