CVE-2017-6766

all versions

A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.

7.5HIGH

CVE-2017-6735

all versions

A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local att

6.7MEDIUM

CVE-2016-9193

all versions

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT Sys

7.5HIGH

CVE-2016-6471

all versions

A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could

6.5MEDIUM

CVE-2016-6460

all versions

A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System

7.5HIGH

CVE-2016-6417

all versions

Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Management C

8.8HIGH

CVE-2016-6420

all versions

Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass au

6.5MEDIUM

CVE-2016-6411

all versions

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, w

7.5HIGH

CVE-2016-6396

all versions

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are e

5.3MEDIUM

CVE-2016-6395

all versions

Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and

5.4MEDIUM

CVE-2016-6394

all versions

Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remot

9.1CRITICAL

CVE-2016-1463

all versions

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted para

7.5HIGH

CVE-2016-1394

all versions

Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by

8.6HIGH

CVE-2016-1368

all versions

Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 and 8000 appliances, and on the

7.5HIGH

CVE-2016-1345

all versions

Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers t

7.5HIGH

CVE-2016-1356

all versions

Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for

3.7LOW

CVE-2016-1355

all versions

Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface in Cisco FireSIGHT System Softwar

6.1MEDIUM

CVE-2016-1294

all versions

Cross-site scripting (XSS) vulnerability in the Management Center in Cisco FireSIGHT System Software 6.0.1 allows remote attackers

6.1MEDIUM

CVE-2016-1293

all versions

Multiple cross-site scripting (XSS) vulnerabilities in the Management Center in Cisco FireSIGHT System Software 6.0.0 and 6.0.1 al

6.1MEDIUM

CVE-2015-6427

all versions

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort I

CVE-2015-6419

all versions

Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read a

CVE-2015-6357

all versions

The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the

CVE-2015-6363

all versions

Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco FireSIGHT Management Center (MC) 5.4.1.4 and 6.0

CVE-2015-6354

all versions

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4.1.3 and 6.0 allow remote authent

CVE-2015-6353

all versions

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.3.1.5 and 5.4.x through 5.4.1.3 al

CVE-2015-6335

all versions

The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMware allows remote authenticated

CVE-2015-4302

all versions

The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows remote attackers to delete arbitrary system policies via mod

CVE-2015-4270

all versions

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.5 and 6.0.0 allow remote attackers to

CVE-2015-4242

all versions

Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Cente

CVE-2015-0773

all versions

Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arbitrary user's dashboard via a

CVE-2015-0737

all versions

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.1 allow remote attackers to inject ar

CVE-2015-0766

all versions

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisc

CVE-2015-0739

all versions

The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows rem

CVE-2015-0707

all versions

Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in FireSIGHT Management Center allow

CVE-2015-0706

all versions

Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows r