Filtered by vendor Cisco
Subscriptions
Filtered by product Firepower Threat Defense
Subscriptions
Total
205 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-3255 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2024-11-21 | 7.5 High |
| A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states. | ||||
| CVE-2020-3254 | 1 Cisco | 26 Adaptive Security Appliance Software, Asa 5505, Asa 5505 Firmware and 23 more | 2024-11-21 | 7.5 High |
| Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device. | ||||
| CVE-2020-3253 | 1 Cisco | 1 Firepower Threat Defense | 2024-11-21 | 6.7 Medium |
| A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device. | ||||
| CVE-2020-3196 | 1 Cisco | 26 Adaptive Security Appliance Software, Asa 5505, Asa 5505 Firmware and 23 more | 2024-11-21 | 8.6 High |
| A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS connections with specific conditions to the affected device. A successful exploit could allow the attacker to exhaust the memory on the affected device, causing the device to stop accepting new SSL/TLS connections and resulting in a DoS condition for services on the device that process SSL/TLS traffic. Manual intervention is required to recover an affected device. | ||||
| CVE-2020-3195 | 1 Cisco | 26 Adaptive Security Appliance Software, Asa 5505, Asa 5505 Firmware and 23 more | 2024-11-21 | 7.5 High |
| A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect processing of certain OSPF packets. An attacker could exploit this vulnerability by sending a series of crafted OSPF packets to be processed by an affected device. A successful exploit could allow the attacker to continuously consume memory on an affected device and eventually cause it to reload, resulting in a denial of service (DoS) condition. | ||||
| CVE-2020-3191 | 1 Cisco | 26 Adaptive Security Appliance Software, Asa 5505, Asa 5505 Firmware and 23 more | 2024-11-21 | 8.6 High |
| A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only. | ||||
| CVE-2020-3189 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2024-11-21 | 8.6 High |
| A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability is due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An attacker could exploit this vulnerability by repeatedly creating or deleting a VPN tunnel connection, which could leak a small amount of system memory for each logging event. A successful exploit could allow the attacker to cause system memory depletion, which can lead to a systemwide denial of service (DoS) condition. The attacker does not have any control of whether VPN System Logging is configured or not on the device, but it is enabled by default. | ||||
| CVE-2020-3188 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2024-11-21 | 5.3 Medium |
| A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only. | ||||
| CVE-2020-3187 | 1 Cisco | 26 Adaptive Security Appliance Software, Asa 5505, Asa 5505 Firmware and 23 more | 2024-11-21 | 9.1 Critical |
| A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system. | ||||
| CVE-2020-3186 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2024-11-21 | 5.3 Medium |
| A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected system. A successful exploit could allow the attacker to bypass the configured management access list policies, and traffic to the management interface would not be properly denied. | ||||
| CVE-2020-3179 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2024-11-21 | 7.5 High |
| A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. | ||||
| CVE-2020-3167 | 1 Cisco | 27 Adaptive Security Appliance Software, Firepower 1010, Firepower 1120 and 24 more | 2024-11-21 | 7.8 High |
| A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges. | ||||
| CVE-2020-3166 | 1 Cisco | 19 Adaptive Security Appliance Software, Firepower 1010, Firepower 1120 and 16 more | 2024-11-21 | 6.7 Medium |
| A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS. | ||||
| CVE-2019-1982 | 1 Cisco | 3 Firepower Management Center, Firepower Services Software For Asa, Firepower Threat Defense | 2024-11-21 | 5.3 Medium |
| A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked. | ||||
| CVE-2019-1981 | 1 Cisco | 3 Firepower Management Center, Firepower Services Software For Asa, Firepower Threat Defense | 2024-11-21 | 5.8 Medium |
| A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked. | ||||
| CVE-2019-1980 | 1 Cisco | 3 Firepower Management Center, Firepower Services Software For Asa, Firepower Threat Defense | 2024-11-21 | 5.3 Medium |
| A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy. | ||||
| CVE-2019-1978 | 1 Cisco | 3 Firepower Management Center, Firepower Services Software For Asa, Firepower Threat Defense | 2024-11-21 | 5.8 Medium |
| A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. | ||||
| CVE-2019-1970 | 1 Cisco | 2 Firepower Management Center, Firepower Threat Defense | 2024-11-21 | N/A |
| A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network. | ||||
| CVE-2019-1715 | 1 Cisco | 11 Adaptive Security Appliance Device Manager, Asa-5506-x, Asa-5506h-x and 8 more | 2024-11-21 | N/A |
| A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. The vulnerability is due to insufficient entropy in the DRBG when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device. | ||||
| CVE-2019-1714 | 1 Cisco | 18 Adaptive Security Appliance Software, Adaptive Security Virtual Appliance, Asa-5506-x and 15 more | 2024-11-21 | 8.6 High |
| A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device. | ||||