
Cisco Firepower Threat Defense vulnerabilities

237 known vulnerabilities affecting cisco/firepower_threat_defense.

Total CVEs: 237
CISA KEV: 11 (actively exploited)
Public exploits: 9
Exploited in wild: 10
Severity breakdown: CRITICAL 6, HIGH 126, MEDIUM 92, LOW 1, UNKNOWN 12

Vulnerabilities

Page 12 of 12
CVE-2017-6632 | HIGH | CVSS 7.5 | v5.3.0, v5.4.0, +9 more | 2017-05-22
CVE-2017-6632 [HIGH] CWE-399: A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affecte
nvd
CVE-2017-6625 | HIGH | CVSS 7.1 | v6.0.0, v6.0.1, +5 more | 2017-05-03
CVE-2017-6625 [HIGH] CWE-399: A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. Th
nvd
CVE-2017-3887 | MEDIUM | CVSS 5.9 | v6.0.1, v6.1.0, +1 more | 2017-04-07
CVE-2017-3887 [MEDIUM] CWE-755: A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed rel
nvd
CVE-2017-3822 | MEDIUM | CVSS 5.3 | v6.1.0 | 2017-02-03
CVE-2017-3822 [MEDIUM] CWE-20: A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA55
nvd
CVE-2017-3806 | MEDIUM | CVSS 5.3 | v5.3.0, v5.4.0, +3 more | 2017-02-03
CVE-2017-3806 [MEDIUM] CWE-78: A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.1
nvd
CVE-2019-1833 | UNKNOWN | CVSS 3.0
CVE-2019-1833: Cisco Firepower Threat Defense Software SSL/TLS Policy Bypass Vulnerability. A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a TLS packet header. An
cisco
CVE-2021-34752 | UNKNOWN | CVSS 3.1
CVE-2021-34752: Cisco Firepower Threat Defense Software Command Injection Vulnerabilities. Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the CVSS: 3.1 CWE: CWE-20, CWE-77, CWE-20, CWE-77 Bug IDs: CSCvx86283, CSCvy16559, CS
cisco
CVE-2020-3312 | UNKNOWN | CVSS 3.0
CVE-2020-3312: Cisco Firepower Threat Defense Software Information Disclosure Vulnerability. A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device. The vulnerability is due to insufficient application identification. An attacker could ex
cisco
CVE-2019-1832 | UNKNOWN | CVSS 3.0
CVE-2019-1832: Cisco Firepower Threat Defense Software Detection Engine Policy Bypass Vulnerability. A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sendi
cisco
CVE-2019-1981 | UNKNOWN | CVSS 3.0
CVE-2019-1981: Cisco Firepower Threat Defense Software NULL Character Obfuscation Detection Bypass Vulnerability. A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulne
cisco
CVE-2019-1699 | UNKNOWN | CVSS 3.0
CVE-2019-1699: Cisco Firepower Threat Defense Software Command Injection Vulnerability. A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A
cisco
CVE-2019-1978 | UNKNOWN | CVSS 3.0 | PoC
CVE-2019-1978: Cisco Firepower Threat Defense Software Stream Reassembly Bypass Vulnerability. A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly
cisco
CVE-2019-1982 | UNKNOWN | CVSS 3.0
CVE-2019-1982: Cisco Firepower Threat Defense Software HTTP Filtering Bypass Vulnerability. A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of
cisco
CVE-2021-34753 | UNKNOWN | CVSS 3.1
CVE-2021-34753: Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities. Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due
cisco
CVE-2024-20351 | UNKNOWN | CVSS 3.1
CVE-2024-20351: Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability. A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthen
cisco
CVE-2024-20339 | UNKNOWN | CVSS 3.1
CVE-2024-20339: Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability. A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is
cisco
CVE-2019-1980 | UNKNOWN | CVSS 3.0
CVE-2019-1980: Cisco Firepower Threat Defense Software Nonstandard Protocol Detection Bypass Vulnerability. A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is
cisco