Known Vulnerabilities for Firepower 9300 by Cisco

Listed below are 10 of the newest known vulnerabilities associated with "Firepower 9300" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-20866 A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Fir... 7.5 - HIGH 2022-08-10 2022-08-15
CVE-2022-20829 A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images b... 7.2 - HIGH 2022-06-24 2022-08-16
CVE-2022-20828 A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could al... 7.2 - HIGH 2022-06-24 2022-09-05
CVE-2022-20795 A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software... 7.5 - HIGH 2022-04-21 2022-05-04
CVE-2022-20625 A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauth... 4.3 - MEDIUM 2022-02-23 2022-03-07
CVE-2021-34714 A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE ... 7.4 - HIGH 2021-09-23 2021-10-13
CVE-2021-1489 A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated... 6.5 - MEDIUM 2021-04-29 2021-05-09
CVE-2021-1448 A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to e... 7.8 - HIGH 2021-04-29 2021-05-09
CVE-2021-1368 A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could all... 8.8 - HIGH 2021-02-24 2021-03-03
CVE-2020-3120 A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-O... 6.5 - MEDIUM 2020-02-05 2020-02-11

Popular searches for Firepower 9300

Cisco Security Advisory: Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Smart Licensing Command Injection Vulnerability

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr

Cisco Security Advisory: Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Smart Licensing Command Injection Vulnerability B @ >A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 5 3 1 4100 Series Next-Generation Firewall NGFW and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. The vulnerability is due to insufficient input validation of certain Smart Licensing configuration parameters. An authenticated attacker could exploit the vulnerability by configuring a malicious URL within the affected feature. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Cisco CiscoSecurityAdvisory/ isco -sa-20171101-fpwr

Cisco Systems Vulnerability (computing) Computer security Command (computing) Exploit (computer security) Security hacker Authentication Superuser Code injection License Software license Security Firepower (pinball) Windows Metafile vulnerability Next-generation firewall Malware URL Patch (computing) Data validation Software

Cisco Security Advisory: Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt

Cisco Security Advisory: Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability N L JA vulnerability in the process of uploading new application images to the Cisco Firepower 5 3 1 4100 Series Next-Generation Firewall NGFW and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device. The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface web UI . These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges. Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit. Cisco o m k has released software updates that address this vulnerability. There are no workarounds that address this

Cisco Systems Vulnerability (computing) Computer security Application software Next-generation firewall Upload Process (computing) Software Exploit (computer security) User interface Cisco NX-OS Security hacker Application security Network switch Security Command-line interface Firepower (pinball) Google Nexus Windows Metafile vulnerability Digital signature

© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report