cisco firepower_extensible_operating_system CVE Vulnerabilities (56)

CVEs: 56 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting cisco firepower_extensible_operating_system (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 4156 of 56 CVEs
«« First « Prev Page 3 / 3 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2017-3883 A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low [email protected] 8.6 4.45% 2017-10-19 2026-06-16
CVE-2017-6602 A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb66189 CSCvb86775. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1742) 92.1(1.1658) 2.1(1.38) 2.0(1.107) 2.0(1.87) 1.1(4.148) 1.1(4.138). [email protected] 4.4 0.80% 2017-04-07 2026-06-16
CVE-2017-6601 A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61384 CSCvb86764. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1647). [email protected] 7.1 0.82% 2017-04-07 2026-06-16
CVE-2017-6600 A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61351 CSCvb61637. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1645) 2.0(1.82) 1.1(4.136. [email protected] 7.8 0.81% 2017-04-07 2026-06-16
CVE-2017-6598 A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege Escalation. More Information: CSCvb86725 CSCvb86797. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.105) 92.1(1.1733) 2.1(1.69). [email protected] 6.7 0.40% 2017-04-07 2026-06-16
CVE-2017-6597 A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61394 CSCvb86816. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1658) 2.0(1.115). [email protected] 7.8 0.81% 2017-04-07 2026-06-16
CVE-2015-6435 An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888. [email protected] 9.8 8.68% 2016-01-22 2026-06-16
CVE-2015-6380 An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via crafted parameters, aka Bug ID CSCux10622. [email protected] 6.5 1.14% 2015-11-23 2026-06-16
CVE-2015-6374 The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604. [email protected] 4.3 0.84% 2015-11-18 2026-06-16
CVE-2015-6371 Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files via crafted parameters to unspecified scripts, aka Bug ID CSCux10621. [email protected] 4.0 0.97% 2015-11-18 2026-06-16
CVE-2015-6370 The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows local users to execute arbitrary OS commands as root via crafted CLI input, aka Bug ID CSCux10578. [email protected] 7.2 0.39% 2015-11-18 2026-06-16
CVE-2015-6369 The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531. [email protected] 4.9 0.31% 2015-11-18 2026-06-16
CVE-2015-6368 Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608. [email protected] 5.0 1.22% 2015-11-18 2026-06-16
CVE-2015-6373 Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611. [email protected] 6.8 0.59% 2015-11-18 2026-06-16
CVE-2015-6372 Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614. [email protected] 4.3 0.96% 2015-11-18 2026-06-16
CVE-2015-4287 Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 9000 devices allows remote attackers to bypass intended access restrictions and obtain sensitive device information by visiting an unspecified web page, aka Bug ID CSCuu82230. [email protected] 5.0 1.27% 2015-07-28 2026-06-16
«« First « Prev Page 3 / 3 Next »
cvelogic Threat Intelligence