Cisco Secure Firewall Management Center vulnerabilities

178 known vulnerabilities affecting cisco/secure_firewall_management_center.

Total CVEs: 178
CISA KEV: 1 (actively exploited)
Public exploits: 6
Exploited in wild: 0
Severity breakdown: CRITICAL 6, HIGH 56, MEDIUM 116

Vulnerabilities

Page 5 of 9
CVE-2021-1477 | MEDIUM | CVSS 4.3 | fixed in 6.4.0.12; ≥ 6.5.0, < 6.6.3; +1 more | 2021-04-29
CWE-284. A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access services beyond the scope of their authorization. This vulnerability is due to insufficient enforcement of access control in the affected software. An attacker could exploit this vulnerability by di
Source: nvd
CVE-2021-1457 | MEDIUM | CVSS 4.8 | ≤ 6.4.0.11; ≥ 6.5.0, < 6.6.3; +1 more | 2021-04-29
CWE-79. Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management inte
Source: nvd
CVE-2021-1223 | HIGH | CVSS 7.5 | v2.9.14.0; v2.9.15; +1 more | 2021-01-13
CWE-693. Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected de
Source: nvd
CVE-2021-1236 | MEDIUM | CVSS 5.3 | v2.9.14.0; v2.9.14.14; +3 more | 2021-01-13
CWE-670. Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would
Source: nvd
CVE-2021-1224 | MEDIUM | CVSS 5.3 | v2.9.14.0; v2.9.15; +4 more | 2021-01-13
CWE-693. Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the
Source: nvd
CVE-2021-1267 | MEDIUM | CVSS 4.3 | fixed in 6.6.1 | 2021-01-13
CWE-776. A vulnerability in the dashboard widget of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper restrictions on XML entities. An attacker could exploit this vulnerability by crafting an XML-based widget on
Source: nvd
CVE-2021-1239 | MEDIUM | CVSS 4.8 | fixed in 6.7.0 | 2021-01-13
CWE-79. Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerabilities exist because the web-based management interface does not properly validat
Source: nvd
CVE-2021-1126 | MEDIUM | CVSS 5.5 | fixed in 6.7.0 | 2021-01-13
CWE-256. A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center (FMC) could allow an authenticated, local attacker to view credentials for a configured proxy server. The vulnerability is due to clear-text storage and weak permissions of related configuration files. An attacker could exploit this vulnerability by accessi
Source: nvd
CVE-2021-1238 | MEDIUM | CVSS 4.8 | fixed in 6.7.0 | 2021-01-13
CWE-79. Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerabilities exist because the web-based management interface does not properly validat
Source: nvd
CVE-2020-3549 | HIGH | CVSS 8.1 | fixed in 6.6.1 | 2020-10-21
CWE-326. A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacke
Source: nvd
CVE-2020-3410 | HIGH | CVSS 8.1 | v6.6.0; v6.6.0.1 | 2020-10-21
CWE-287. A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The vulnerability is due to incorrect session invalidation during
Source: nvd
CVE-2020-3499 | HIGH | CVSS 8.6 | v6.2.3; v6.3.0; +2 more | 2020-10-21
CWE-399. A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of system resource values by the affected system. An attacker could exploit this vulnerability by sending malicious request
Source: nvd
CVE-2020-3550 | HIGH | CVSS 8.1 | ≤ 6.0.1; ≥ 6.3.0, < 6.3.0.6; +3 more | 2020-10-21
CWE-22. A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this
Source: nvd
CVE-2020-3514 | MEDIUM | CVSS 6.7 | fixed in 6.6.1 | 2020-10-21
CWE-216. A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials on the device. The vulnerability exists because a confi
Source: nvd
CVE-2020-3558 | MEDIUM | CVSS 6.1 | ≥ 6.2.0, ≤ 6.2.3.16; ≥ 6.3.0, ≤ 6.3.0.5; +2 more | 2020-10-21
CWE-601. A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting an
Source: nvd
CVE-2020-3553 | MEDIUM | CVSS 6.1 | fixed in 6.6.1 | 2020-10-21
CWE-79. Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management inte
Source: nvd
CVE-2020-3557 | MEDIUM | CVSS 5.3 | fixed in 6.6.1 | 2020-10-21
CWE-295. A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by sending a crafted data stream t
Source: nvd
CVE-2020-3515 | MEDIUM | CVSS 6.1 | fixed in 6.6.1 | 2020-10-21
CWE-79. Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management inte
Source: nvd
CVE-2020-3320 | MEDIUM | CVSS 5.4 | ≤ 6.6.1 | 2020-10-08
CWE-79. A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based ma
Source: nvd
CVE-2019-16028 | CRITICAL | CVSS 9.8 | fixed in 6.2.3.16; ≥ 6.3.0, < 6.3.0.6; +2 more | 2020-09-23
CWE-287. A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) a
Source: nvd
Cisco Secure Firewall Management Center vulnerabilities | cvebase