Cisco Firepower Management Center vulnerabilities
9 known vulnerabilities affecting cisco/firepower_management_center.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM9
Vulnerabilities
Page 1 of 1
CVE-2024-20410MEDIUMCVSS 6.1v6.4.0.17v6.4.0.18+12 more2024-10-23
CVE-2024-20410 [MEDIUM] CWE-79 CVE-2024-20410: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based man
nvd
CVE-2024-20386MEDIUMCVSS 6.1v6.4.0.17v6.4.0.18+12 more2024-10-23
CVE-2024-20386 [MEDIUM] CWE-79 CVE-2024-20386: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-ba
nvd
CVE-2024-20387MEDIUMCVSS 5.4v6.4.0.17v6.4.0.18+12 more2024-10-23
CVE-2024-20387 [MEDIUM] CWE-79 CVE-2024-20387: A vulnerability in the web-based management interface of Cisco FMC Software could allow an authentic
A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due to improper input sanitization in the web-based management interface of Cisco FMC Software. An attacker could exploit this vulnerability by persuading a
nvd
CVE-2024-20415MEDIUMCVSS 6.1v6.4.0.17v6.4.0.18+12 more2024-10-23
CVE-2024-20415 [MEDIUM] CWE-79 CVE-2024-20415: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based man
nvd
CVE-2024-20388MEDIUMCVSS 5.3v6.4.0.17v6.4.0.18+12 more2024-10-23
CVE-2024-20388 [MEDIUM] CWE-202 CVE-2024-20388: A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software c
A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.
This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password r
nvd
CVE-2024-20403MEDIUMCVSS 5.4v6.4.0.17v6.4.0.18+13 more2024-10-23
CVE-2024-20403 [MEDIUM] CWE-79 CVE-2024-20403: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based manag
nvd
CVE-2024-20409MEDIUMCVSS 6.1v6.4.0.17v6.4.0.18+13 more2024-10-23
CVE-2024-20409 [MEDIUM] CWE-79 CVE-2024-20409: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based man
nvd
CVE-2024-20372MEDIUMCVSS 6.1v6.4.0.17v6.4.0.18+12 more2024-10-23
CVE-2024-20372 [MEDIUM] CWE-79 CVE-2024-20372: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Sof
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-ba
nvd
CVE-2024-20379MEDIUMCVSS 6.5v7.4.0v7.4.1+1 more2024-10-23
CVE-2024-20379 [MEDIUM] CWE-36 CVE-2024-20379: A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system.
This vulnerability exists because the web-based management interface does not proper
nvd