threat
engine
.sh
Back
·
··:··
Home
/
Product
/
cisco firepower threat defense
Product
cisco firepower threat defense
230 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-20020
all versions
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenti
6.8
MEDIUM
CVE-2026-20100
all versions
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (
7.7
HIGH
CVE-2026-20073
all versions
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD)
5.8
MEDIUM
CVE-2026-20070
all versions
A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Se
6.1
MEDIUM
CVE-2025-20363
>= 7.0.0 and < 7.0.8
A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Thr
9.0
CRITICAL
CVE-2025-20362
>= 7.0.0 and < 7.0.8.1
Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco
6.5
MEDIUM
CVE-2025-20333
>= 7.0.0 and < 7.0.8.1
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewal
9.9
CRITICAL
CVE-2025-20127
all versions
A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) So
7.7
HIGH
CVE-2025-20182
all versions
A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Soft
8.6
HIGH
CVE-2022-20685
all versions
A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause
7.5
HIGH
CVE-2024-20495
all versions
A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat De
8.6
HIGH
CVE-2024-20494
all versions
A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Thre
8.6
HIGH
CVE-2024-20431
all versions
A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthen
5.8
MEDIUM
CVE-2024-20412
all versions
A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow
9.3
CRITICAL
CVE-2024-20408
all versions
A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepow
7.7
HIGH
CVE-2024-20407
all versions
A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat De
5.8
MEDIUM
CVE-2024-20402
all versions
A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FT
8.6
HIGH
CVE-2024-20388
all versions
A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated,
5.3
MEDIUM
CVE-2024-20384
all versions
A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower
5.8
MEDIUM
CVE-2024-20382
all versions
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Thr
6.1
MEDIUM
CVE-2024-20330
all versions
A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco
8.6
HIGH
CVE-2024-20299
all versions
A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense
5.8
MEDIUM
CVE-2024-20297
all versions
A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense
5.8
MEDIUM
CVE-2024-20268
all versions
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and C
7.7
HIGH
CVE-2024-20363
all versions
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allo
5.8
MEDIUM
CVE-2024-20355
all versions
A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security A
5.0
MEDIUM
CVE-2024-20293
>= 7.3.0 and <= 7.4.0
A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Fi
5.8
MEDIUM
CVE-2024-20261
all versions
A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD)
5.8
MEDIUM
CVE-2024-20359
all versions
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in
6.0
MEDIUM
CVE-2024-20353
all versions
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Thr
8.6
HIGH
CVE-2023-20275
all versions
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat D
4.1
MEDIUM
CVE-2023-20267
>= 6.7.0 and <= 7.3.1.1
A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP ad
4.0
MEDIUM
CVE-2023-20264
all versions
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN
6.1
MEDIUM
CVE-2023-20247
all versions
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threa
5.0
MEDIUM
CVE-2023-20246
>= 7.0.0 and <= 7.3.1.1
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remo
5.8
MEDIUM
CVE-2023-20095
all versions
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat De
8.6
HIGH
CVE-2023-20083
>= 6.2.3 and <= 6.2.3.18
A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) So
8.6
HIGH
CVE-2023-20071
< 6.4.0.17
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote
5.8
MEDIUM
CVE-2023-20070
all versions
A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated,
4.0
MEDIUM
CVE-2023-20063
>= 6.2.3 and <= 6.2.3.18
A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD)
8.2
HIGH
CVE-2023-20042
all versions
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat D
6.8
MEDIUM
CVE-2023-20031
all versions
A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (F
4.0
MEDIUM
CVE-2023-20270
all versions
A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine f
5.8
MEDIUM
CVE-2023-20256
all versions
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower
5.0
MEDIUM
CVE-2023-20245
all versions
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower
5.8
MEDIUM
CVE-2023-20244
all versions
A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series
8.6
HIGH
CVE-2023-20177
all versions
A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TL
4.0
MEDIUM
CVE-2023-20086
all versions
A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)
8.6
HIGH
CVE-2023-44487
< 7.4.2
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5
HIGH
CVE-2023-20269
all versions
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat De
5.0
MEDIUM
CVE-2023-20006
all versions
A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and C
8.6
HIGH
CVE-2023-20107
< 6.4.0
A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Ada
7.5
HIGH
CVE-2023-20081
all versions
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threa
6.8
MEDIUM
CVE-2022-20950
all versions
A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthentic
5.8
MEDIUM
CVE-2022-20949
>= 6.1.0 and <= 6.1.0.7
A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote
6.5
MEDIUM
CVE-2022-20947
all versions
A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower T
8.6
HIGH
CVE-2022-20946
>= 6.3.0 and <= 6.3.0.5
A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) So
8.6
HIGH
CVE-2022-20943
all versions
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco pr
5.8
MEDIUM
CVE-2022-20940
>= 6.2.3 and <= 6.2.3.18
A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacke
5.3
MEDIUM
CVE-2022-20934
>= 6.1.0 and <= 6.1.0.7
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated,
6.0
MEDIUM
CVE-2022-20928
all versions
A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Softw
5.8
MEDIUM
CVE-2022-20927
>= 6.5.0 and <= 6.5.0.5
A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)
7.7
HIGH
CVE-2022-20924
all versions
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and C
7.7
HIGH
CVE-2022-20922
all versions
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco pr
5.8
MEDIUM
CVE-2022-20854
>= 6.1.0 and <= 6.1.0.7
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense
7.5
HIGH
CVE-2022-20826
all versions
A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security A
6.4
MEDIUM
CVE-2022-20866
>= 7.0.0 and < 7.0.4
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepowe
7.4
HIGH
CVE-2022-20713
all versions
A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower T
4.3
MEDIUM
CVE-2022-20767
< 7.0.2
A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthentica
8.6
HIGH
CVE-2022-20760
< 6.4.0.15
A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FT
8.6
HIGH
CVE-2022-20759
< 6.4.0.15
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software a
8.8
HIGH
CVE-2022-20757
< 6.4.0.15
A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticate
8.6
HIGH
CVE-2022-20751
< 6.4.0.15
A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthe
8.6
HIGH
CVE-2022-20748
all versions
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthentica
5.3
MEDIUM
CVE-2022-20746
< 6.4.0.15
A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, re
8.6
HIGH
CVE-2022-20745
< 6.4.0.15
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software a
8.6
HIGH
CVE-2022-20742
< 6.4.0.15
A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FT
7.4
HIGH
CVE-2022-20730
< 6.4.0.15
A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthen
4.0
MEDIUM
CVE-2022-20729
< 6.4.0.15
A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML
4.4
MEDIUM
CVE-2022-20715
< 6.4.0.15
A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Thre
8.6
HIGH
CVE-2022-20795
<= 7.0.1
A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and
5.8
MEDIUM
CVE-2021-34704
>= 6.7.0 and < 6.7.0.3
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
8.6
HIGH
CVE-2021-1573
<= 6.2.2
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
8.6
HIGH
CVE-2021-44228
all versions
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration
10.0
CRITICAL
CVE-2021-40125
< 6.4.0.13
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software
5.3
MEDIUM
CVE-2021-40118
< 6.4.0.13
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
8.6
HIGH
CVE-2021-40117
< 6.2.3.17
A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense
8.6
HIGH
CVE-2021-40116
>= 6.4.0 and < 6.4.0.13
Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cau
8.6
HIGH
CVE-2021-40114
< 6.4.0.12
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could al
6.8
MEDIUM
CVE-2021-34794
>= 6.4.0 and < 6.4.0.13
A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Securi
5.3
MEDIUM
CVE-2021-34793
< 6.4.0.13
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Softw
8.6
HIGH
CVE-2021-34792
>= 6.4.0 and < 6.4.0.13
A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) So
8.6
HIGH
CVE-2021-34791
< 6.4.0.12
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptiv
4.7
MEDIUM
CVE-2021-34790
< 6.4.0.12
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptiv
4.7
MEDIUM
CVE-2021-34787
< 6.4.0.13
A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software
5.3
MEDIUM
CVE-2021-34783
>= 6.4.0 and < 6.4.0.13
A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Th
8.6
HIGH
CVE-2021-34781
>= 6.3.0 and < 6.4.0.13
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Softwa
8.6
HIGH
CVE-2021-34764
< 6.4.0.13
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an
4.8
MEDIUM
CVE-2021-34763
< 6.4.0.13
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an
4.8
MEDIUM
CVE-2021-34762
< 6.4.0.13
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authentic
8.1
HIGH
CVE-2021-34761
>= 6.4.0 and < 6.4.0.13
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or appe
4.4
MEDIUM
CVE-2021-34756
>= 6.4.0 and < 6.4.0.13
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker
6.7
MEDIUM
CVE-2021-34755
>= 6.4.0 and < 6.4.0.13
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker
6.7
MEDIUM
CVE-2021-34754
>= 6.4.0 and < 6.4.0.13
Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defe
5.8
MEDIUM
CVE-2021-1422
all versions
A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat
7.7
HIGH
CVE-2021-1504
>= 6.5.0 and < 6.6.4
Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could all
8.6
HIGH
CVE-2021-1501
>= 6.2.2 and < 6.4.0.12
A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defens
8.6
HIGH
CVE-2021-1495
< 6.4.0.12
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote
5.8
MEDIUM
CVE-2021-1493
< 6.4.0.12
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
8.5
HIGH
CVE-2021-1488
>= 6.5.0 and < 6.6.4
A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD
6.7
MEDIUM
CVE-2021-1476
>= 6.5.0 and < 6.6.4
A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software c
6.7
MEDIUM
CVE-2021-1448
>= 6.4.0 and < 6.4.0.10
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execut
7.8
HIGH
CVE-2021-1445
>= 6.5.0 and < 6.6.4
Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could all
8.6
HIGH
CVE-2021-1402
>= 6.3.0 and < 6.4.0
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unau
8.6
HIGH
CVE-2021-1256
<= 6.4.0
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwr
6.0
MEDIUM
CVE-2021-1236
< 6.5.0.5
Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthentica
5.3
MEDIUM
CVE-2021-1224
< 6.7.0
Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection
5.8
MEDIUM
CVE-2021-1223
< 6.7.0
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote
7.5
HIGH
CVE-2020-3585
< 6.4.0.10
A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) So
5.3
MEDIUM
CVE-2020-3583
< 6.3.0.6
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Thr
6.1
MEDIUM
CVE-2020-3582
< 6.3.0.6
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Thr
6.1
MEDIUM
CVE-2020-3581
< 6.3.0.6
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Thr
6.1
MEDIUM
CVE-2020-3580
< 6.4.0.12
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Thr
6.1
MEDIUM
CVE-2020-3578
< 6.3.0.6
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
5.3
MEDIUM
CVE-2020-3577
< 6.3.0.6
A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are con
7.4
HIGH
CVE-2020-3572
< 6.3.0.6
A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defe
8.6
HIGH
CVE-2020-3571
>= 6.3.0 and < 6.3.0.6
A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 ap
8.6
HIGH
CVE-2020-3565
< 6.4.0.8
A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated
5.8
MEDIUM
CVE-2020-3564
< 6.3.0.6
A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defens
5.3
MEDIUM
CVE-2020-3563
>= 6.3.0 and < 6.3.0.6
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthentic
8.6
HIGH
CVE-2020-3562
all versions
A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewal
8.6
HIGH
CVE-2020-3561
< 6.3.0.6
A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat
4.7
MEDIUM
CVE-2020-3555
<= 6.2.2
A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
6.8
MEDIUM
CVE-2020-3554
<= 6.2.2
A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defens
7.5
HIGH
CVE-2020-3550
<= 6.0.1
A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) S
8.1
HIGH
CVE-2020-3549
< 6.6.1
A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defen
8.1
HIGH
CVE-2020-3533
< 6.3.0.6
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) So
8.6
HIGH
CVE-2020-3529
< 6.3.0.6
A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat
8.6
HIGH
CVE-2020-3528
< 6.3.0.6
A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepo
8.6
HIGH
CVE-2020-3514
>= 6.3.0 and < 6.3.0.6
A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local
8.2
HIGH
CVE-2020-3458
<= 6.2.2
Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defen
6.7
MEDIUM
CVE-2020-3457
>= 6.2.2 and < 6.3.0.6
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that a
6.7
MEDIUM
CVE-2020-3436
<= 6.2.2
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD)
8.6
HIGH
CVE-2020-3373
all versions
A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower
8.6
HIGH
CVE-2020-3352
< 6.3.0.6
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access
5.5
MEDIUM
CVE-2020-3317
< 6.4.0.10
A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, r
7.5
HIGH
CVE-2020-3304
< 6.3.0.6
A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Softwa
8.6
HIGH
CVE-2020-3299
>= 6.0.0 and < 6.3.0.1
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote
5.8
MEDIUM
CVE-2019-15992
all versions
A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Ci
7.2
HIGH
CVE-2020-3452
>= 6.2.3 and < 6.2.3.16
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
7.5
HIGH
CVE-2020-3334
< 6.6.0
A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defens
7.4
HIGH
CVE-2020-3315
< 6.6.0
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote
5.3
MEDIUM
CVE-2020-3308
< 6.2.2.1
A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authen
4.9
MEDIUM
CVE-2020-3306
< 6.3.0.5
A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) So
7.5
HIGH
CVE-2020-3305
< 6.3.0.5
A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Softw
7.5
HIGH
CVE-2020-3303
< 6.3.0.5
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cis
7.5
HIGH
CVE-2020-3298
>= 6.2.0 and < 6.2.3.16
A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisc
7.5
HIGH
CVE-2020-3285
>= 6.4.0 and <= 6.4.0.8
A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower T
5.8
MEDIUM
CVE-2020-3283
>= 6.4.0 and < 6.4.0.9
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) S
8.6
HIGH
CVE-2020-3259
>= 6.2.3 and < 6.2.3.16
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
7.5
HIGH
CVE-2020-3255
>= 6.2.3 and < 6.2.3.16
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthentic
7.5
HIGH
CVE-2020-3254
>= 6.2.3 and < 6.2.3.16
Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA
7.5
HIGH
CVE-2020-3253
< 6.5.0
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local
6.7
MEDIUM
CVE-2020-3196
>= 6.2.3 and < 6.2.3.16
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA
8.6
HIGH
CVE-2020-3195
>= 6.4.0 and < 6.4.0.9
A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisc
7.5
HIGH
CVE-2020-3191
>= 6.2.3 and < 6.2.3.16
A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defen
8.6
HIGH
CVE-2020-3189
all versions
A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthent
8.6
HIGH
CVE-2020-3188
>= 6.4.0 and < 6.4.0.9
A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could all
5.3
MEDIUM
CVE-2020-3187
>= 6.2.3 and < 6.2.3.16
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defen
9.1
CRITICAL
CVE-2020-3186
>= 6.3.0 and < 6.3.0.6
A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauth
5.3
MEDIUM
CVE-2020-3179
>= 6.3.0 and < 6.3.0.5
A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) So
7.5
HIGH
CVE-2020-3167
>= 6.2.2 and < 6.2.3.13
A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to e
7.8
HIGH
CVE-2020-3166
>= 6.2.2 and < 6.2.3.16
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on
6.7
MEDIUM
CVE-2019-1982
all versions
A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Softw
5.3
MEDIUM
CVE-2019-1981
all versions
A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software f
5.8
MEDIUM
CVE-2019-1980
all versions
A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software
5.3
MEDIUM
CVE-2019-1978
all versions
A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software f
5.8
MEDIUM
CVE-2019-15256
>= 6.2.0 and < 6.2.3.11
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cis
8.6
HIGH
CVE-2019-12700
<= 6.1.0
A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Sof
6.5
MEDIUM
CVE-2019-12699
<= 6.1.0
Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authen
7.8
HIGH
CVE-2019-12698
< 6.2.3.15
A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)
7.5
HIGH
CVE-2019-12695
< 6.2.3.15
A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat De
6.1
MEDIUM
CVE-2019-12694
< 6.3.0.5
A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated,
6.7
MEDIUM
CVE-2019-12678
< 6.2.3.15
A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and
7.5
HIGH
CVE-2019-12676
< 6.3.0.4
A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisc
7.4
HIGH
CVE-2019-12675
< 6.4.0.2
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticat
8.8
HIGH
CVE-2019-12674
< 6.4.0.2
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticat
8.2
HIGH
CVE-2019-12673
< 6.3.0.5
A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) So
7.5
HIGH
CVE-2019-12627
< 6.4.0.4
A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauth
7.5
HIGH
CVE-2019-1970
< 6.4.1
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Thr
5.8
MEDIUM
CVE-2019-1715
>= 6.2.1 and < 6.2.3.12
A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisc
5.3
MEDIUM
CVE-2019-1714
>= 6.2.1 and < 6.2.3.12
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN
8.6
HIGH
CVE-2019-1709
all versions
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perfor
6.0
MEDIUM
CVE-2019-1708
>= 6.2.2 and <= 6.2.3.12
A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive S
8.6
HIGH
CVE-2019-1704
>= 6.0.0 and < 6.2.3.12
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defen
7.5
HIGH
CVE-2019-1703
>= 6.2.1 and < 6.2.3.12
A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Fir
8.6
HIGH
CVE-2019-1701
>= 6.2.1 and < 6.2.3.12
Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defe
4.8
MEDIUM
CVE-2019-1697
< 6.2.3.12
A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appli
6.8
MEDIUM
CVE-2019-1696
>= 6.0.0 and < 6.2.3.12
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defen
7.5
HIGH
CVE-2019-1695
>= 6.2.1 and < 6.2.3.12
A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FT
6.5
MEDIUM
CVE-2019-1694
< 6.2.3.12
A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defens
8.6
HIGH
CVE-2019-1693
>= 6.2.1 and < 6.2.3.12
A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)
6.5
MEDIUM
CVE-2019-1687
>= 6.0.0 and < 6.2.3.12
A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Def
7.5
HIGH
CVE-2018-15462
< 6.2.3.12
A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower T
8.6
HIGH
CVE-2018-15388
< 6.2.3.12
A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense
8.6
HIGH
CVE-2019-1691
< 6.2.3.4
A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker
5.8
MEDIUM
CVE-2019-1669
all versions
A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenti
8.6
HIGH
CVE-2018-15454
>= 6.1.0 and < 6.1.0.7
A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and
8.6
HIGH
CVE-2018-15399
all versions
A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (F
6.8
MEDIUM
CVE-2018-15398
all versions
A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat De
4.0
MEDIUM
CVE-2018-15390
>= 6.2.3.0 and <= 6.2.3.4
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remo
6.8
MEDIUM
CVE-2018-15383
all versions
A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Fir
7.5
HIGH
CVE-2018-0453
all versions
A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Th
8.2
HIGH
CVE-2018-0296
>= 6.0 and < 6.1.0
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacke
7.5
HIGH
CVE-2018-0297
all versions
A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker
5.8
MEDIUM
CVE-2018-0254
all versions
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypa
5.3
MEDIUM
CVE-2018-0244
< 6.2.3
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypa
5.8
MEDIUM
CVE-2018-0243
< 6.2.3
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypa
5.8
MEDIUM
CVE-2018-0240
>= 6.1.0 and <= 6.1.0.7
Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software
8.6
HIGH
CVE-2018-0231
>= 6.0 and < 6.1.0.6
A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepo
8.6
HIGH
CVE-2018-0230
all versions
A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepow
8.6
HIGH
CVE-2018-0228
>= 6.0 and < 6.1.0.6
A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticat
8.6
HIGH
CVE-2018-0227
>= 6.0 and <= 6.0.1.4
A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisc
7.5
HIGH
CVE-2018-0138
all versions
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypa
5.3
MEDIUM
CVE-2018-0101
all versions
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could
10.0
CRITICAL
CVE-2017-6632
all versions
A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 thro
7.5
HIGH
CVE-2017-6625
all versions
A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the
7.1
HIGH
CVE-2017-3887
all versions
A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could
5.9
MEDIUM
CVE-2017-3822
all versions
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an
5.3
MEDIUM
CVE-2017-3806
all versions
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Sec
5.3
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin