All the vulnerabilites related to cisco - firepower_management_center_virtual_appliance
cve-2018-0365
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:55
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions on the targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvb19750.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104519 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Firepower Management Center unknown |
Version: Cisco Firepower Management Center unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf"
},
{
"name": "104519",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104519"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:41:50.866347Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:55:53.272Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Firepower Management Center unknown"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions on the targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvb19750."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-22T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf"
},
{
"name": "104519",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104519"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center unknown",
"version": {
"version_data": [
{
"version_value": "Cisco Firepower Management Center unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions on the targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvb19750."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf"
},
{
"name": "104519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104519"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0365",
"datePublished": "2018-06-21T11:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:55:53.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-15270
Vulnerability from cvelistv5
Published
2019-10-16 18:36
Modified
2024-11-21 19:07
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-stored-xss | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Management Center |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:42:03.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191016 Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-stored-xss"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-15270",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:56:02.573273Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:07:17.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-16T18:36:43",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191016 Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-stored-xss"
}
],
"source": {
"advisory": "cisco-sa-20191016-firepwr-stored-xss",
"defect": [
[
"CSCvq46443"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-16T16:00:00-0700",
"ID": "CVE-2019-15270",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.4",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191016 Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-stored-xss"
}
]
},
"source": {
"advisory": "cisco-sa-20191016-firepwr-stored-xss",
"defect": [
[
"CSCvq46443"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-15270",
"datePublished": "2019-10-16T18:36:43.336332Z",
"dateReserved": "2019-08-20T00:00:00",
"dateUpdated": "2024-11-21T19:07:17.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34763
Vulnerability from cvelistv5
Published
2021-10-27 18:55
Modified
2024-11-07 21:44
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Management Center |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34763",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:39:49.032063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:44:15.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:55:41",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
}
],
"source": {
"advisory": "cisco-sa-fmc-xss-openredir-TVPMWJyg",
"defect": [
[
"CSCvx32283",
"CSCvx55664"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34763",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
}
]
},
"source": {
"advisory": "cisco-sa-fmc-xss-openredir-TVPMWJyg",
"defect": [
[
"CSCvx32283",
"CSCvx55664"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34763",
"datePublished": "2021-10-27T18:55:41.533802Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:44:15.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-15268
Vulnerability from cvelistv5
Published
2019-10-16 18:36
Modified
2024-11-21 19:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Management Center |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:42:03.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191016 Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-15268",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:56:05.328247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:07:35.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-16T18:36:42",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191016 Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
}
],
"source": {
"advisory": "cisco-sa-20191016-firepwr-xss",
"defect": [
[
"CSCvq53902",
"CSCvq53915"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-16T16:00:00-0700",
"ID": "CVE-2019-15268",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191016 Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
}
]
},
"source": {
"advisory": "cisco-sa-20191016-firepwr-xss",
"defect": [
[
"CSCvq53902",
"CSCvq53915"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-15268",
"datePublished": "2019-10-16T18:36:42.198539Z",
"dateReserved": "2019-08-20T00:00:00",
"dateUpdated": "2024-11-21T19:07:35.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20828
Vulnerability from cvelistv5
Published
2022-06-24 15:25
Modified
2024-11-01 19:00
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco FirePOWER Services Software for ASA |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:50.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220622 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:42:47.498802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T19:00:55.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco FirePOWER Services Software for ASA",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-236",
"description": "CWE-236",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-05T16:06:12",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220622 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html"
}
],
"source": {
"advisory": "cisco-sa-asasfr-cmd-inject-PE4GfdG",
"defect": [
[
"CSCwb32418"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-06-22T23:00:00",
"ID": "CVE-2022-20828",
"STATE": "PUBLIC",
"TITLE": "Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco FirePOWER Services Software for ASA",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-236"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220622 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG"
},
{
"name": "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/",
"refsource": "MISC",
"url": "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/"
},
{
"name": "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html"
}
]
},
"source": {
"advisory": "cisco-sa-asasfr-cmd-inject-PE4GfdG",
"defect": [
[
"CSCwb32418"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20828",
"datePublished": "2022-06-24T15:25:16.277268Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-01T19:00:55.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34781
Vulnerability from cvelistv5
Published
2021-10-27 18:55
Modified
2024-11-07 21:46
Severity ?
EPSS score ?
Summary
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:44:33.446840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:46:12.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:55:52",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
}
],
"source": {
"advisory": "cisco-sa-ftd-dos-rUDseW3r",
"defect": [
[
"CSCvy13543"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34781",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
}
]
},
"source": {
"advisory": "cisco-sa-ftd-dos-rUDseW3r",
"defect": [
[
"CSCvy13543"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34781",
"datePublished": "2021-10-27T18:55:52.320484Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:46:12.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34762
Vulnerability from cvelistv5
Published
2021-10-27 18:55
Modified
2024-11-07 21:44
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Management Center |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:46.118918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:44:23.088Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-26",
"description": "CWE-26",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:55:36",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
}
],
"source": {
"advisory": "cisco-sa-fmc-dir-traversal-95UyW5tk",
"defect": [
[
"CSCvy41771"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34762",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-26"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
}
]
},
"source": {
"advisory": "cisco-sa-fmc-dir-traversal-95UyW5tk",
"defect": [
[
"CSCvy41771"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34762",
"datePublished": "2021-10-27T18:55:36.199997Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:44:23.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-15269
Vulnerability from cvelistv5
Published
2019-10-16 18:36
Modified
2024-11-21 19:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Management Center |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:42:00.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191016 Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-15269",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:56:03.852324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:07:27.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-16T18:36:42",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191016 Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
}
],
"source": {
"advisory": "cisco-sa-20191016-firepwr-xss",
"defect": [
[
"CSCvq53902",
"CSCvq53915"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-16T16:00:00-0700",
"ID": "CVE-2019-15269",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191016 Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
}
]
},
"source": {
"advisory": "cisco-sa-20191016-firepwr-xss",
"defect": [
[
"CSCvq53902",
"CSCvq53915"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-15269",
"datePublished": "2019-10-16T18:36:42.627088Z",
"dateReserved": "2019-08-20T00:00:00",
"dateUpdated": "2024-11-21T19:07:27.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34761
Vulnerability from cvelistv5
Published
2021-10-27 18:55
Modified
2024-11-07 21:44
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Threat Defense Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34761",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:39:50.562966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:44:29.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Threat Defense Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:55:30",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
}
],
"source": {
"advisory": "cisco-sa-ftd-file-write-SHVcmQVc",
"defect": [
[
"CSCvy41757"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34761",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Threat Defense Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.4",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-73"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
}
]
},
"source": {
"advisory": "cisco-sa-ftd-file-write-SHVcmQVc",
"defect": [
[
"CSCvy41757"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34761",
"datePublished": "2021-10-27T18:55:30.453403Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:44:29.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34755
Vulnerability from cvelistv5
Published
2021-10-27 18:55
Modified
2024-11-07 21:44
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Threat Defense Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:48.873506Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:44:44.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Threat Defense Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:55:17",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
}
],
"source": {
"advisory": "cisco-sa-ftd-cmdinject-FmzsLN8",
"defect": [
[
"CSCvx86283",
"CSCvy16559",
"CSCvy16573",
"CSCvy19225"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34755",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Threat Defense Software Command Injection Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Threat Defense Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
}
]
},
"source": {
"advisory": "cisco-sa-ftd-cmdinject-FmzsLN8",
"defect": [
[
"CSCvx86283",
"CSCvy16559",
"CSCvy16573",
"CSCvy19225"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34755",
"datePublished": "2021-10-27T18:55:17.981307Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:44:44.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34764
Vulnerability from cvelistv5
Published
2021-10-27 18:55
Modified
2024-11-07 21:44
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Management Center |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:39:47.731617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:44:08.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:55:46",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
}
],
"source": {
"advisory": "cisco-sa-fmc-xss-openredir-TVPMWJyg",
"defect": [
[
"CSCvx32283",
"CSCvx55664"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34764",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
}
]
},
"source": {
"advisory": "cisco-sa-fmc-xss-openredir-TVPMWJyg",
"defect": [
[
"CSCvx32283",
"CSCvx55664"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34764",
"datePublished": "2021-10-27T18:55:46.901355Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:44:08.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34756
Vulnerability from cvelistv5
Published
2021-10-27 18:55
Modified
2024-11-07 21:44
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Threat Defense Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:47.721605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:44:36.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Threat Defense Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:55:24",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
}
],
"source": {
"advisory": "cisco-sa-ftd-cmdinject-FmzsLN8",
"defect": [
[
"CSCvx86283",
"CSCvy16559",
"CSCvy16573",
"CSCvy19225"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34756",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Threat Defense Software Command Injection Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Threat Defense Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
}
]
},
"source": {
"advisory": "cisco-sa-ftd-cmdinject-FmzsLN8",
"defect": [
[
"CSCvx86283",
"CSCvy16559",
"CSCvy16573",
"CSCvy19225"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34756",
"datePublished": "2021-10-27T18:55:25.058754Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:44:36.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-10-16 19:15
Modified
2024-11-21 04:28
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C64DA6-67CC-4901-8EF8-282D84555BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06308669-7D6F-4A0A-8691-3A7853B89BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAFDDF3-F1A8-4D49-8BF8-DB338B7BFA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C164E603-8E87-4783-90C9-0A363B860514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F432182E-9019-4D10-9F54-2060267E0BEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D158D934-FE4D-4BB1-B674-30666F04D510",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C159BC8-9960-4429-BDCE-31F96C6845B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D2F5DC8-7C97-40B7-8B3A-8B3B34FBCEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36E0FDFB-3745-4848-88AE-9FFDC1AFE60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C25D445-CFBA-489E-8473-3A3B6AF11D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35B3DCD8-F5B7-4EDD-9BD8-64BE9072F1C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497E5799-968E-438E-ADE9-205E947A33A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9881608D-5882-42EB-A6B9-BA37AF6308B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EFE587C-7C60-4352-8925-7010D4C64DB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF8F49B-2AD9-4B05-BF37-F34E2B29430B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1449A5-391A-44F7-828C-07A892979BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBC8CB8-22C5-40CB-B526-AF5276FA22E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CFB0F77-2A56-439D-87AC-18ED59413F4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D47CF49F-CC68-4588-8EAB-5F509F6E039F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92F225CE-F15D-456E-9963-CC459BEA50AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA47EC5-B53A-4A50-BD29-A97CA9EE2AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB1EC8B-32BF-4BE0-A743-E2FB11B66A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76B50340-88C5-4286-8A81-5FAC7186312D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30DB8A4-83D5-4DA4-8F78-0A7109406E61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4E4B501-5784-4818-8DD2-79087B5FD02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDB8149-06E3-4689-8292-2B20E0448C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8644B8-9F3A-4FF7-8ED7-D001335211FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "274CDA68-1507-4328-A64E-9A1D35A23B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "86D052F5-7C8C-4012-A820-0182DA058585",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4F454C-D675-426F-961F-3A85BBF4AD4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A847AACC-CF3F-4A5B-8774-4E79358BC034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39ABFD56-2C46-4726-92EB-62C158E8FC09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56FEF5C9-7C9C-4687-A3F5-2885DC17864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "962A592C-E1CD-43EC-8128-885820A2A3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0114A51-3631-457D-943A-26486E2D180B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A389E5A4-0994-4F75-A264-18371D726ACA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "661A536A-5E5F-4497-A99B-2DF4E74EF20A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10C5B3-6689-4CC6-9C07-57970ACD1B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D44900A1-5A38-48F6-A4D6-398671C2EB2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB6FE3D-C668-42C1-ACCB-48A070D13F89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E501CB-0AF6-40F3-82A9-C60205222054",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44C4E004-BCBA-4C2A-BBC7-8C6F9E54CC15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C402DEB-B3E8-4101-922C-24E47D5CCF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9C8B56-134D-4F34-95EF-4A119A1E92A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5557C5-59AE-418A-BC3C-A1B96AAC51F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B812A7C-12A8-463A-B7FE-953059858B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63B354D1-B0C9-4DE9-BF9D-645038A30070",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B96B6255-BEE7-4AF7-BC82-74CDCBE2BEA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29FCDCEF-6C7F-4730-90EB-D050D43022F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB20C00-E6BA-4679-B1D1-5CFC3EAD01E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "351768E4-FF6F-43A1-9734-B4CC2CEDC4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FF69F3-F694-45C6-ABAD-AEDD038AA854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C4A03D-E342-4CC0-90DB-214708A6521A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBD966A-B931-475A-924C-C1557B6CE7DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FA6EFE-519D-4F4B-AC0D-2B30835A2791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED5A779-0EC9-4F72-8800-51AAD92F58C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "265B9DA9-9B03-446C-968F-938314AE5E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B24811-C24A-400D-BAC5-4A12BA98C21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3512B69-502C-42FA-9A25-9C0E4DBBDE4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9FD1A9-1BB3-4FFB-AB75-5BF8AF61FF1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5B34A4-0488-4A07-8597-965AA22BF143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB48007-9D6D-4716-BBEF-B8E87220999F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53DFF764-B866-48AC-9D33-206D263C5CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "614430E7-07AD-4982-B80A-ECF8FB942FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0B306F-C37C-4237-AE5F-44DD1EAA7E6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F78A7356-59B9-4A8D-BBDB-6A70DDA5A183",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "192E9283-3AF0-4920-BD79-166DFF254AAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E648B6F7-C419-4571-89BC-8EA84188A938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89FB645E-D23D-4860-9DDF-5C891F49BB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01CC780F-AC50-421B-A789-3913B669D330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29DD0D6-42F1-4BE4-B224-0799DEB9A779",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756594F4-D397-425F-ACA3-2E130729B736",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45430488-9E0E-4BA2-8469-2EC714683A50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "229B5461-A53A-4B98-90FB-31F712E9D6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5687D-3591-4593-B38A-35D0F2A5F289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01193955-8BF5-41BB-A882-BDCCC5996D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3958D5B-00FB-4758-9BE2-BDF1E3E245CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE96D31-BB8C-46F0-98F2-903F794C19D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3966AB9-5ABF-4A7B-A26B-90A7D05E67E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5E5298-C1BB-450B-B528-531BC9DC3DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9EE632-E0B7-4992-ABAA-67DACE8117A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C97CF976-C065-4F00-9457-C763B1329FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE29DEB7-B68D-4107-8FFC-2A9F3BD62B50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483066C8-ED60-456D-B2BE-110524DDE1AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663D596C-6482-41C7-868F-32DC565E0324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04143EB3-1219-4AA6-BEBC-C67E3057FE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89826886-4E12-4AB3-B573-6A6DE55F1B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23428C6C-C1D0-495B-B684-332F4F1FCB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E5EB4C-FE47-4E90-BF6F-97EE1A270EA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBED4712-39D6-4DFD-B8A5-AF20027DD97E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF289F3-4B49-48D3-950F-22F0D83135D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9627CB94-72D7-49B9-AFEB-FDE8BA77BF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E13D0532-8241-48E0-85B5-10DA232EEC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A17CADB1-62C6-4D1A-98A9-5F525A39AFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9DDCB4-BF17-4976-A59C-17A5F2A1D6A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A1A5F5A-51F7-4F5D-8901-FA0200602F77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9ED30B7-1215-4818-A630-B8BE7257F65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F38C4E-6A06-4557-BD1D-57B166D3D3D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4EC750-C354-497D-B13D-F9EB89A86725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8132B0A-B0BE-46C2-B49D-20A60B19D354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE9A0FEE-DAC9-4D8E-934E-3B0D5763907B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E28590D-A09E-4EEC-B54F-80D7CBE21C0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "867E4AE8-EBC1-4190-825D-D005AA04EBC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76DDE62F-CD56-4061-9BEC-7439E71F2F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "211CFA56-66A2-41EF-BA3B-5A571EE725E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "367A4D03-7BC1-424E-ADFF-7E15574FE9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32961007-7D00-4AEC-BD93-6CAD50DF0883",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7D9A02-6ED1-4118-9950-8D5537B1DDCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C75D74B-5449-4155-9FD8-64FCFF82B441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12CD87A6-4B90-42F8-BC58-966DBF78A81E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B80F5F83-FB44-43CA-8C26-0A2246CDA8F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE3491BD-BF35-424D-8315-414DC7759527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60BD879A-4B84-47BC-B7EC-9F9A7F01F62F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:amp_8150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B6B5352-91B4-4568-A43D-48A534904AAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E0CB80-A487-490D-834F-093ED8E7B387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A26A55-B676-4E6D-B5CC-2630E0EA9E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4786EA9-9E06-4D31-B823-0CACC24F0C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC48217-BD15-4A60-91D7-754B935C938E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5782A7AA-C3A6-4A36-9505-92A259E2A2BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4BA4BB-C7AA-4D60-BCCF-733988E954D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA2CEE9-5BE0-4A54-B788-E0AAB76C1027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C64446C-CE03-4C60-B477-B2D2206F3303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B34F90D8-6918-41D0-AD61-698EF5EC2954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22C45A52-20BF-4B95-8E89-54918313E7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8996040-6A60-4A46-AA4E-C3ED35D62033",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ngips_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34B16156-73F5-4172-ABB1-8BA2F950ABE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D23F9B-E314-47C6-BA1B-AEAA6232D028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "704C8F4E-1C87-4CAE-B04E-607E7580B7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0D0940-7EBA-4EAA-91FD-B8AAAD29949E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6A2B4A-D342-4BA4-BD96-B08479038013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "020091DE-F2FA-497E-ACCB-6FEF9A40AEBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2AE0775-6C5E-4360-977C-57D9DDD4C9B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6240B2-C15C-484A-980D-6A5E174B45A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4CC79E-E1F0-4FBB-A118-4DCDF767BC57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "238C18F6-1C28-44CF-B2E7-256025632E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44F1FDDD-0034-476F-9705-B3D066D828BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A997BB50-6FB9-45C2-8F6B-47190212D22F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B22719-10C9-4FF4-A330-68F0F870FD4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAB759E-3512-4589-8BD8-CA7FBA5B3C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA1DB84D-E13C-4BA0-B653-0DFAB47D43AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3D1443-4CE6-40AD-ABC5-B874891B4E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93ADA9A4-73B4-4DB1-87EB-F37CCC0E6DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD664B0A-BE32-441D-8228-A6F959BBC0C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05426855-230D-45AA-BD24-DEBBB924C43E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76D82A98-588A-4C4E-B1DB-987FF08807D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C42EEFD9-5EAD-44DA-8262-843805EF5A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4373F5B7-DDF6-46C7-A5C2-8DB8B816E0B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66EB562E-CBCE-4B9F-A06E-FD8AD3AF55B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0241D00B-DB0A-4E0F-8D2F-B2DCEDC5B2E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149B56F8-C51B-4215-A649-9408FD27413D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FA050B-E513-4C7F-9602-63772226928C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9147AC07-5080-4C7A-B88C-91EE22E1CEEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6820CBBD-D02E-458B-83E2-13CC99F308D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91F16C26-903B-4E9B-9CC6-459D45513506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3939D70E-21B1-43A5-93C6-081123025B27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF6B1F6-5F19-4DB6-9371-CE8F2696CB2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E56041DA-4026-4DBC-90FF-E15BF2CF8844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F546C797-CAAA-40FE-A658-AB07768428DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E92C1393-89D7-4BCA-9BE3-34F8D272AD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B5C87B-9EEC-4FC2-B430-6529A990ADCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "493A75B3-489E-455E-87FA-FE2690C0B655",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E36B8162-AF24-4538-B81E-6FB95AC221C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF61BEA-3E68-4B98-92C0-463DDBA70941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7818992A-BC24-42F2-A13C-AF8E0C586FD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92724295-072F-4A98-9A65-4AFE2A6EE473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4628A45C-40AC-44EF-9329-2D3EC82BDC0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738ECCC7-9D9C-4AC9-86B2-BFF17DACC106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52DD84FD-BC19-4E94-BBDC-176A38CA95B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54F291D0-EBC1-48DB-9B34-DF027064D7BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D1332BEE-E27E-4F6F-A1BB-273EF877B2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B237657C-6F1C-46E6-97CE-CD9549C28F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69ABEBD8-322D-4582-817D-778B91A8E44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90497A42-243E-4056-A390-CB3D7824B433",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:amp_7150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F299F4A-CA8C-46EA-A86F-CA52C182DAE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF13BD0F-3BD2-45E5-8147-DE52A27582CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5E4309-3730-4B37-B33F-4A7008250E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B2D0C0-E1B5-456D-8B83-324661ACA931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC96C4A-6149-4452-AC4F-A33F375DC14C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEB718B-64BA-4FB9-9371-59765DA11C08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7FC1382-F102-4946-A5E5-467D40953637",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3926472-2AA9-4A24-9E3C-0553C2FA0408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A8FD8E-2230-4BF3-A357-77000349A028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB883EB-6AFF-4F41-A092-EF1AACD4605E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B470E99-1597-4B4D-8150-D0100F28C9F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C98F7CA4-FEC1-464B-B86A-90A64641D75D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B47B208A-6219-4037-8D9E-1B49C0E70BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0397B1B0-CAFC-433E-AA92-39F70DA49563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4F7D03-A698-46F1-8386-D4DDE9677CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0E4D3E-6F4F-4DF5-B910-115ECC9CA2F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9D582D-30A3-421A-999A-D48BF1BD3CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF8FBB6-C045-4E99-9DBD-B30AF9D25406",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52AA3762-FFDD-4376-8D79-B393CBFAE23A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3400D0D-29A0-4FB8-9834-7F69BCB51E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2DA21A-DCB1-42E1-BBC3-B37D4AF369F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E90CAA74-2C98-4CF5-8897-A4B99526D680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA6CED6-90AA-410F-B001-0D816226B12C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A70452EB-F072-4DFF-B2C5-14AA1EB52488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97E4A5-2373-49F3-8A8B-005BAC9BEC32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E221489F-148E-478E-9664-6F9246888063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D4C6A40-256B-45BB-9F77-31F868C5A6A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA46250-2E2B-44C5-81BD-B71BFC59BC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB5C0C8-0433-4B6B-B149-A2F3C1D3D8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2617CE09-4275-459B-80C9-D8BBB75FB7EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F58D55B-E671-44E4-841F-72F95D20C4A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en la interfaz de administraci\u00f3n basada en web de Cisco Firepower Management Center (FMC), podr\u00edan permitir a un atacante remoto autenticado conducir un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz de administraci\u00f3n basada en web. Estas vulnerabilidades son debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda explotar estas vulnerabilidades persuadiendo a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en navegador."
}
],
"id": "CVE-2019-15268",
"lastModified": "2024-11-21T04:28:19.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-16T19:15:14.347",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
"versionEndExcluding": "6.4.0.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38E2B495-A0B6-4049-8C90-96CF62BC1BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20741BF4-6F44-42DE-B05E-EDB4176CAD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la interfaz de administraci\u00f3n basada en la web del software Cisco Firepower Management Center (FMC) podr\u00edan permitir a un atacante ejecutar un ataque de tipo cross-site scripting (XSS) o un ataque de redireccionamiento abierto. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-34764",
"lastModified": "2024-11-21T06:11:08.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.177",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-26 16:09
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions on the targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvb19750.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/104519 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104519 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1AFAC1-419D-4ADB-868B-1544BED58B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6614ED6C-E77E-4C0D-AA96-0BEE84BE2F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEEB9A40-0062-406D-B56D-3163CBBE08D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4A52EA-D464-4855-ABEC-FD98E0F3BD97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5233F7-5743-467C-9C59-F5C51B47184A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6175407A-207E-4844-B150-EA0129C4CBBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5D4D8D5-BA8F-4CB6-A435-B50903841C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB0079A-2ADD-42FF-A909-FEC1BC2331C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD50DD0-1B7E-4691-A134-82E05EAD40BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76FB5DAC-47D4-419E-8926-B750C4A68EBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "056C6875-D0D5-4597-9E03-32496BA581D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF9BB4E-6E26-4409-9BCA-1134D28480DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7409BD90-9739-4123-AECF-221F0E0414D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "70A373BF-C69B-4A7B-BDFF-3F841537C233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C113FF8-1730-42DF-8DB8-B68DBC1B2720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F8CC13-77BD-43F5-8C13-96AEE45DDBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B13AC28-443B-459C-920D-D0DC788469BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "097D95BE-292C-4E69-BCB2-D1660D58D9CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "608FBE2E-4F2D-44E0-B339-B204ECCC17CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92DBD26B-87CE-4437-A5C8-A1DDEFECFAF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C18E1BF9-F5C2-4AC6-8C18-F6519E4969DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D864031C-5651-4DFF-80B3-AFE851B9EEB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "399B632E-1A30-4356-A2A1-F6CC511649C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24950812-1217-467E-9BD8-0BF89B17C8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0383E73D-CD1C-478F-986A-4A35DBFE5740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF87010A-1A3A-4056-A12D-356268C7A934",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8120:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C88D9FD9-1171-44EA-B756-62E2BBC127DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A970F3D-49B9-4B0C-8294-C9F9DACC7D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14FD26AB-EF68-46F0-B6AC-3459861FFA54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0A18D2-BE0E-4B4B-B2E8-4F76EAD77CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7980F8A9-DD98-466F-9F63-AFA98ED2091D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9B6D15A-88D4-4557-8C00-0E4D1BCA9954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEA4785-6875-486A-BA8C-1A619B375465",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8260:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB919F7-E1EF-498E-8707-E062AD006260",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5C734C-C02D-4E93-8655-07CDCF9C8294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9B64CC-5C06-4DE9-94FC-FB16BA758E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "823C3EDE-19CC-4B9C-B40F-6241D8E19DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F81598-B000-450E-961B-9CC3D9889A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5886EDA-F7EC-4933-A02E-DBF12C7ED1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "19493C92-3474-4522-ACDB-BC8C10555369",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7217BCEE-5C6D-4EEB-82A0-75E3F16ECE34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D35475FF-0239-4147-B06F-0A60BD836CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3246E18-3112-4D80-8E21-C87F6AA4936C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F23304D-43DB-46BE-9640-087054D26F3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E57F396-9072-4F0C-8B3F-703183F76556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "967B4433-9829-488A-B53D-FB42010AB087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC34DC11-24DA-4803-BF5B-44F47DB538DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8130:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6977E3E8-10BA-404D-9B66-0A9BEC9F52F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F44813-6078-4B23-BF6D-D59AAEA337E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D84D03E4-FCCE-4938-AC2D-52515FB74733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05D24EB0-27C3-4A50-85E6-56DD84927565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA79502-3725-4D05-9EF2-ECD8712B6106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE04EE5-42A3-4469-9278-61FD12B860E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9500773A-6A58-4F93-8F92-817E01DBCEB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8140:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D39C95-ADAF-4D42-8CA4-164336734493",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1DDCC721-3D93-473F-A9F5-DDCC87DC45FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C317972-C371-437C-95B5-5174C44BAC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4C411A-DFEE-4FEB-A70B-3EEB6633A455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D03121C3-4AE4-464E-8FE3-22810B6D2AB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7B2EC3-B938-4C5F-A16D-B79DC62DEFC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA91048C-134F-451C-8174-3DA67EE1E1C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8350:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9603A10C-F404-4C3B-9078-94AF82E18F69",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66AD4B4B-DE12-4A17-BBCE-1B8BBFC4CA9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "592ED66B-EAFB-45B6-82DA-6F9936FDBE86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFBBB59-1C19-48EC-A186-1B855969FF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1A168B-34A8-468E-A6F2-65986F333B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63A7BF21-6CAA-4EA3-A4B5-AB625C5D3C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6B35BD06-A9C3-4E39-9EAA-5EF81FF2DED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:amp_8150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "785EE03B-06DF-49FD-BBB6-A1FF4516F636",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74395E25-4BCF-4B7E-942C-E2CD5A44C566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "858224D4-7C1C-411D-9F44-72454ABFA3AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "743C282D-2647-4590-BB77-10DE43D63A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0449770D-3F8F-44FC-A1C5-9213A90B5605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81C5B380-7C78-4B84-8F82-E24C013AE885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "75D07DA5-ECA5-4B3B-AB35-9AA1EEFDC874",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:amp_7150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E48337C6-F7D5-4F46-9E89-EB4C94923E35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB1DAD8-AE09-4F34-B5AC-C4F4FF826458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC967F9E-F8F2-42CC-8EFF-13E9E5F6B9AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C4BE454E-AEA2-459F-B66E-8F3F7260B162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4FB8F07-FEEB-4A11-8345-AEC6793FA939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "596C0456-7CA6-4B96-AE15-49C48C8A0D89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96BD58DA-60FD-43EC-967E-2EFD9624951B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8270:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F31BAAF0-C52D-482E-96B2-8473FF8759F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ngips_virtual_appliance:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "926419AE-4764-4AB9-8A2E-A65C3522D93F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ngips_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC211528-D057-462F-8E7C-0964DB20C1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ngips_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE53F9A-B34F-4C5F-9939-EFF6D404F17E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ngips_virtual_appliance:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DA3FF59-EF43-4374-86A2-079BFF448C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ngips_virtual_appliance:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "590FFF29-8788-4645-B45C-D06C6469D4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ngips_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6445BB5A-7425-4A8E-BF77-9CC248C6CD09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "62AFC266-8BB4-4884-97A0-17E386E1ACF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E868722D-EDA7-48CF-A4DE-4B9B8A04D167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0901B745-9129-41E5-B13E-8446FBBFB2BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A24300F-453F-465E-BA5A-BC06F5AD3E78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "93DEA727-4CBB-4C09-B006-072D6954D6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4317A474-4914-4519-B736-2E0858045F38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8390:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29BCEA7B-1CD9-48E0-902F-ED0C9347F5BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E7621802-6474-4C8C-AC4F-E00AE417D5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2AE75A-18D3-48F0-A08F-E7AB73ECA60F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5D1C51-23A4-44A7-833E-98EA9396CB9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5268B256-3877-46FB-A464-9D8FCE9D9E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "713F62E9-D85B-4538-B475-93FFD078AC83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15499352-7145-403C-9CFC-2A593EBD0E0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D667DD0-7548-453D-B4D4-E50671424BCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95859796-5335-49E9-9C63-4E2BFFC4D897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA484BF6-DC47-4A9B-B653-DB31EA9235A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4388A8-13AA-438E-895F-61A5E44991A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7473F455-E586-4408-99EC-419D4B575DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D9BDC6-7879-4DEE-9596-F28C37B2D105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1165B2-D558-4022-AD94-7723BE225D3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8250:*:*:*:*:*:*:*:*",
"matchCriteriaId": "247DEADB-B80D-4E55-9E5A-4884855403C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C05A010-6181-499C-BFA5-3967E2E4BC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8A826A6-6704-4043-85AC-4937B4AD6775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EFA9E64-ADD8-4BA4-860A-E78B9DAD5124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4825FD-7674-415F-BA34-0922538742A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B876F2F4-0EBE-4CDD-8A98-D1D48B90C7B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E9EF6E9-DD16-495B-AE55-B17061D24492",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_750:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42683F9-CC6B-4F51-A542-2F4D6A21E0A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA44CD6-F47B-48F5-A583-6F7046D54B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE53053-F3D7-4EF1-BB61-314243267CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0063B9D7-9B2B-4678-8A71-112AA1A2CE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "472756FF-CAA5-43EC-BB4D-5352EA4A1DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD70A71-7AD9-4F6C-8CA8-F4C6C1F4B9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA9B4D7B-9DD1-4FE6-B112-F802140C1AAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8370:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79E48492-E27D-48A6-8CEA-7DF7D31BAA04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDBDD3E-13B3-4DE5-8B6E-C590CB56CC99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F36CCF75-81CD-4836-95AD-08E570C111EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58797388-2483-4C8F-A6DB-B6C8992FEE96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47083124-8250-47DF-942B-5105EDD49713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD537F68-DC77-4BEF-B4CE-0C478A17088E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A8E47A-B1E8-47FA-A02E-005E019EB492",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7120:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB65ED8-D7A2-47F2-AC4C-77C8080BA585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92BE2DE0-C6DE-46A2-B5E3-8062FF872BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B73F3D-C120-468D-AB63-E3949D1F9FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B836DE9-DC17-45A0-B869-53D8F8D8B6CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24F9BE44-0872-4EDC-8BDE-B957AC351DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07F01BE2-32D3-4A26-AD71-F532A8B93D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "72648D12-926A-40D8-AC83-D3BDA7EBDEEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E5C1B0-AD6C-4CA1-9F2C-CF50A42864F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3A9535-3F0E-4882-A801-41400B5C0E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4409E73E-F180-45DF-848A-9F027A8CF5ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "573DD3CF-9149-4B33-ABB7-42C4EB1FE6C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD9B619A-8962-4207-8C21-9D433FEC6CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39C3286B-679F-4D18-8CE8-B365858DD0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F026C5E-1E78-4403-8002-14A20BA4A2E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "704C75F9-9051-424C-B50F-5558512F0D12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E76011-858F-4FBD-B5CF-22984442C90B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DAD2F73-BDA1-4E60-9816-A8C6A33B6394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21B6F485-9E3F-466B-82D3-CD854395F239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "738DE4B9-4109-4528-B0EF-221B614E6653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "597A1A69-D22E-465B-A45D-6E87B9ABF759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70AE2BB1-E0AC-4093-97F0-DE1A52BC515E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8290:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C6718F-C316-498C-8FDB-076E5305B2E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D92CA-9D24-400F-8FF3-40C0AF3F4678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AECB7D6-17B6-4EE4-B979-A1B11AD7823A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5675C323-6AA7-42A5-8BBC-8E0C64F77C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A63793B2-D520-418A-91A8-4EFF070A9044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC5409-62B8-4D56-B05A-D0CD91BBAA37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "38C0E54D-5AFE-46C8-AFA7-5D6F81BD3B4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAAEBC7-2433-4062-B6A0-FA3F7D000098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE35B34-B403-457D-95DF-48180820CA1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A46DF6DE-3C5B-4E0A-BEC4-4C5E206FB03C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E00B52-C54F-4152-ADDC-1C0985C0C33A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90B0C50A-7C40-466E-8ED8-42828BCDF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43585562-8F2B-43D0-8712-889214EE32BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "301655B8-EE04-4BBB-9965-CA5F2112B359",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DEFE331-C503-49C9-845E-7D8BE502510B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79183FCC-D7B9-4435-A966-2D30DD2EA158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C455E-8C8F-4EB3-897B-9AAAC307DA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1591CD52-E222-4EB7-8482-ECF784D79087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDC46CB-F768-4629-BDD6-61C269CCEACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A444CAF1-9AEC-4E3E-BFBF-ECF461EFCF47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B080FA-7436-47DA-86C7-75021E31EB8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_3500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E875074F-E880-47B3-B098-5871DAAF610B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8B2B8E-214D-45EE-83AF-B1B4DFD1133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "099D3E49-7B9E-41B6-9913-89614083F69D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E16B99E-EE46-4A33-933D-C63AE6367A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5454F348-68E0-46E2-BBE5-156BF53850AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF12C8-22CA-4C80-AE83-9338871F3134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF56EE9-F911-4FBF-A1B6-8AC7F5E53A51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7125:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB67B9BF-EF51-43AC-B6F7-F197586F1EFA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6556A85-D1FC-41BF-B83E-7E5DFEA88EBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC867C82-BD1D-4760-9C63-BC552CD2038B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "59DAB3A5-6694-4F8E-80BF-3E4942349D11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E1CFAEF-3524-4325-B5B2-CD1D6F6B1157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "863A35EE-597A-42D7-A6EB-D4593A78FC4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3806DE-8A3D-441A-A2F2-6393792F3ADD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "403350F3-EB94-49AA-9AC7-8A07AB4E9ACC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "010EDF8B-0304-4B12-A9ED-22A68EC685D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8042795-67CB-4009-8F68-9380D03282DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3601C15-92C2-42CD-AFBD-AA6057C01BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D0AA3E-B6AE-4925-825F-1B8C8BAB7373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "722AAF2E-1EA0-43F0-957D-CB5AE4F79F7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB2518D-3CF8-4E96-8AF3-95513429F344",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7030:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA825BB1-BC07-4D3B-9B99-1D79B83AA9ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1E9222-9F21-44A4-9756-9F6208179851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC91F5B1-205B-4611-A410-E484C79EA541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB7B9EC-121D-4232-942B-27F25E8FF5DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C135F894-EF31-45E5-B216-E76585DD3C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1008EB-9260-41F4-B872-7905B3B912C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C0A1E22E-1BF6-4474-9CD6-F3796D0F5CA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7110:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB31564-E16E-4F9D-98F9-69E385A2E20A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81CFF735-FC02-41B4-842C-C0BDCE9E9F89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF574BB-0702-4E58-81EF-542BFD6CDC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF6F7B5-689C-49CC-BE05-9C784EFCD969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97EFFE63-E678-4032-BB46-AD3C6A045AE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE945FC9-D465-4235-916D-02E7645CED15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06858A18-714A-46A4-8B05-606D62A95D05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6A66B4-3278-4298-9225-2EE4934BE64B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9ED1DD0-91C4-4A51-BADA-0E2ED5D538AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "523CA917-8C2E-400A-9442-1ED8E642FC1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "85573FFB-510F-424B-99E1-ADE7038C9354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E75089-32EA-4428-882D-EFF67EE0452F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA255CF6-7DF8-48A9-8BE6-86ABD5B5FDB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D10A0151-883A-4C70-A4ED-4BCEF44276D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1117C464-B0BB-45A5-9C54-3565822C9304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C57A41-5581-41BF-B4BF-449E48B91917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F1E4BB-A41B-4BA1-BFAA-09E8AD2CF024",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7115:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBEC97D-FE29-41D7-8BF3-0FEBBEC1A69C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions on the targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvb19750."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n basada en web de Cisco Firepower Management Center podr\u00eda permitir que un atacante remoto sin autenticar lleve a cabo un ataque de Cross-Site Request Forgery (CSRF) y realizar acciones arbitrarias en un dispositivo afectado. La vulnerabilidad se debe a la medidas de protecci\u00f3n contra CSRF insuficientes para la interfaz de administraci\u00f3n web de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad haciendo que un usuario de la interfaz siga un enlace malicioso. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante realice acciones arbitrarias en un dispositivo objetivo mediante un navegador web y con los privilegios del usuario. Cisco Bug IDs: CSCvb19750."
}
],
"id": "CVE-2018-0365",
"lastModified": "2024-11-26T16:09:02.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T11:29:01.133",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104519"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepower-csrf"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7E738F08-C30D-46E4-A92C-D406D72E1292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
"versionEndExcluding": "6.4.0.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
"versionEndExcluding": "7.0.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38E2B495-A0B6-4049-8C90-96CF62BC1BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20741BF4-6F44-42DE-B05E-EDB4176CAD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "37FBD21A-0D57-466F-B6F6-1D124A6D75D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la CLI del software Cisco Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante local autenticado ejecutar comandos arbitrarios con privilegios de root. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-34755",
"lastModified": "2024-11-21T06:11:07.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:07.883",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
"versionEndExcluding": "6.4.0.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38E2B495-A0B6-4049-8C90-96CF62BC1BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20741BF4-6F44-42DE-B05E-EDB4176CAD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la interfaz de administraci\u00f3n basada en la web del software Cisco Firepower Management Center (FMC) podr\u00edan permitir a un atacante ejecutar un ataque de tipo cross-site scripting (XSS) o un ataque de redireccionamiento abierto. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-34763",
"lastModified": "2024-11-21T06:11:08.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.120",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-openredir-TVPMWJyg"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-16 19:15
Modified
2024-11-21 04:28
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C64DA6-67CC-4901-8EF8-282D84555BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06308669-7D6F-4A0A-8691-3A7853B89BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAFDDF3-F1A8-4D49-8BF8-DB338B7BFA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C164E603-8E87-4783-90C9-0A363B860514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F432182E-9019-4D10-9F54-2060267E0BEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D158D934-FE4D-4BB1-B674-30666F04D510",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C159BC8-9960-4429-BDCE-31F96C6845B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D2F5DC8-7C97-40B7-8B3A-8B3B34FBCEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36E0FDFB-3745-4848-88AE-9FFDC1AFE60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C25D445-CFBA-489E-8473-3A3B6AF11D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35B3DCD8-F5B7-4EDD-9BD8-64BE9072F1C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497E5799-968E-438E-ADE9-205E947A33A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9881608D-5882-42EB-A6B9-BA37AF6308B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EFE587C-7C60-4352-8925-7010D4C64DB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF8F49B-2AD9-4B05-BF37-F34E2B29430B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1449A5-391A-44F7-828C-07A892979BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBC8CB8-22C5-40CB-B526-AF5276FA22E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CFB0F77-2A56-439D-87AC-18ED59413F4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D47CF49F-CC68-4588-8EAB-5F509F6E039F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92F225CE-F15D-456E-9963-CC459BEA50AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA47EC5-B53A-4A50-BD29-A97CA9EE2AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB1EC8B-32BF-4BE0-A743-E2FB11B66A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76B50340-88C5-4286-8A81-5FAC7186312D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30DB8A4-83D5-4DA4-8F78-0A7109406E61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4E4B501-5784-4818-8DD2-79087B5FD02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDB8149-06E3-4689-8292-2B20E0448C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8644B8-9F3A-4FF7-8ED7-D001335211FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "274CDA68-1507-4328-A64E-9A1D35A23B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "86D052F5-7C8C-4012-A820-0182DA058585",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4F454C-D675-426F-961F-3A85BBF4AD4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A847AACC-CF3F-4A5B-8774-4E79358BC034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39ABFD56-2C46-4726-92EB-62C158E8FC09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56FEF5C9-7C9C-4687-A3F5-2885DC17864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "962A592C-E1CD-43EC-8128-885820A2A3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0114A51-3631-457D-943A-26486E2D180B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A389E5A4-0994-4F75-A264-18371D726ACA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "661A536A-5E5F-4497-A99B-2DF4E74EF20A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10C5B3-6689-4CC6-9C07-57970ACD1B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D44900A1-5A38-48F6-A4D6-398671C2EB2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB6FE3D-C668-42C1-ACCB-48A070D13F89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E501CB-0AF6-40F3-82A9-C60205222054",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44C4E004-BCBA-4C2A-BBC7-8C6F9E54CC15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C402DEB-B3E8-4101-922C-24E47D5CCF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9C8B56-134D-4F34-95EF-4A119A1E92A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5557C5-59AE-418A-BC3C-A1B96AAC51F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B812A7C-12A8-463A-B7FE-953059858B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63B354D1-B0C9-4DE9-BF9D-645038A30070",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B96B6255-BEE7-4AF7-BC82-74CDCBE2BEA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29FCDCEF-6C7F-4730-90EB-D050D43022F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB20C00-E6BA-4679-B1D1-5CFC3EAD01E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "351768E4-FF6F-43A1-9734-B4CC2CEDC4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FF69F3-F694-45C6-ABAD-AEDD038AA854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C4A03D-E342-4CC0-90DB-214708A6521A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBD966A-B931-475A-924C-C1557B6CE7DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FA6EFE-519D-4F4B-AC0D-2B30835A2791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED5A779-0EC9-4F72-8800-51AAD92F58C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "265B9DA9-9B03-446C-968F-938314AE5E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B24811-C24A-400D-BAC5-4A12BA98C21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3512B69-502C-42FA-9A25-9C0E4DBBDE4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9FD1A9-1BB3-4FFB-AB75-5BF8AF61FF1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5B34A4-0488-4A07-8597-965AA22BF143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB48007-9D6D-4716-BBEF-B8E87220999F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53DFF764-B866-48AC-9D33-206D263C5CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "614430E7-07AD-4982-B80A-ECF8FB942FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0B306F-C37C-4237-AE5F-44DD1EAA7E6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F78A7356-59B9-4A8D-BBDB-6A70DDA5A183",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "192E9283-3AF0-4920-BD79-166DFF254AAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E648B6F7-C419-4571-89BC-8EA84188A938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89FB645E-D23D-4860-9DDF-5C891F49BB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01CC780F-AC50-421B-A789-3913B669D330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29DD0D6-42F1-4BE4-B224-0799DEB9A779",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756594F4-D397-425F-ACA3-2E130729B736",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45430488-9E0E-4BA2-8469-2EC714683A50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "229B5461-A53A-4B98-90FB-31F712E9D6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5687D-3591-4593-B38A-35D0F2A5F289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01193955-8BF5-41BB-A882-BDCCC5996D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3958D5B-00FB-4758-9BE2-BDF1E3E245CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firesight_management_center_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE96D31-BB8C-46F0-98F2-903F794C19D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3966AB9-5ABF-4A7B-A26B-90A7D05E67E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5E5298-C1BB-450B-B528-531BC9DC3DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9EE632-E0B7-4992-ABAA-67DACE8117A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C97CF976-C065-4F00-9457-C763B1329FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE29DEB7-B68D-4107-8FFC-2A9F3BD62B50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483066C8-ED60-456D-B2BE-110524DDE1AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663D596C-6482-41C7-868F-32DC565E0324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04143EB3-1219-4AA6-BEBC-C67E3057FE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89826886-4E12-4AB3-B573-6A6DE55F1B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23428C6C-C1D0-495B-B684-332F4F1FCB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E5EB4C-FE47-4E90-BF6F-97EE1A270EA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBED4712-39D6-4DFD-B8A5-AF20027DD97E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF289F3-4B49-48D3-950F-22F0D83135D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9627CB94-72D7-49B9-AFEB-FDE8BA77BF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E13D0532-8241-48E0-85B5-10DA232EEC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A17CADB1-62C6-4D1A-98A9-5F525A39AFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9DDCB4-BF17-4976-A59C-17A5F2A1D6A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A1A5F5A-51F7-4F5D-8901-FA0200602F77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9ED30B7-1215-4818-A630-B8BE7257F65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F38C4E-6A06-4557-BD1D-57B166D3D3D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4EC750-C354-497D-B13D-F9EB89A86725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8132B0A-B0BE-46C2-B49D-20A60B19D354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE9A0FEE-DAC9-4D8E-934E-3B0D5763907B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E28590D-A09E-4EEC-B54F-80D7CBE21C0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "867E4AE8-EBC1-4190-825D-D005AA04EBC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76DDE62F-CD56-4061-9BEC-7439E71F2F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "211CFA56-66A2-41EF-BA3B-5A571EE725E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "367A4D03-7BC1-424E-ADFF-7E15574FE9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32961007-7D00-4AEC-BD93-6CAD50DF0883",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7D9A02-6ED1-4118-9950-8D5537B1DDCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C75D74B-5449-4155-9FD8-64FCFF82B441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12CD87A6-4B90-42F8-BC58-966DBF78A81E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B80F5F83-FB44-43CA-8C26-0A2246CDA8F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE3491BD-BF35-424D-8315-414DC7759527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_8150_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60BD879A-4B84-47BC-B7EC-9F9A7F01F62F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:amp_8150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B6B5352-91B4-4568-A43D-48A534904AAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E0CB80-A487-490D-834F-093ED8E7B387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A26A55-B676-4E6D-B5CC-2630E0EA9E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4786EA9-9E06-4D31-B823-0CACC24F0C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC48217-BD15-4A60-91D7-754B935C938E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5782A7AA-C3A6-4A36-9505-92A259E2A2BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4BA4BB-C7AA-4D60-BCCF-733988E954D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA2CEE9-5BE0-4A54-B788-E0AAB76C1027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C64446C-CE03-4C60-B477-B2D2206F3303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B34F90D8-6918-41D0-AD61-698EF5EC2954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22C45A52-20BF-4B95-8E89-54918313E7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8996040-6A60-4A46-AA4E-C3ED35D62033",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ngips_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34B16156-73F5-4172-ABB1-8BA2F950ABE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D23F9B-E314-47C6-BA1B-AEAA6232D028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "704C8F4E-1C87-4CAE-B04E-607E7580B7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0D0940-7EBA-4EAA-91FD-B8AAAD29949E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6A2B4A-D342-4BA4-BD96-B08479038013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "020091DE-F2FA-497E-ACCB-6FEF9A40AEBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2AE0775-6C5E-4360-977C-57D9DDD4C9B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6240B2-C15C-484A-980D-6A5E174B45A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4CC79E-E1F0-4FBB-A118-4DCDF767BC57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "238C18F6-1C28-44CF-B2E7-256025632E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44F1FDDD-0034-476F-9705-B3D066D828BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A997BB50-6FB9-45C2-8F6B-47190212D22F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B22719-10C9-4FF4-A330-68F0F870FD4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAB759E-3512-4589-8BD8-CA7FBA5B3C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA1DB84D-E13C-4BA0-B653-0DFAB47D43AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3D1443-4CE6-40AD-ABC5-B874891B4E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93ADA9A4-73B4-4DB1-87EB-F37CCC0E6DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD664B0A-BE32-441D-8228-A6F959BBC0C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05426855-230D-45AA-BD24-DEBBB924C43E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76D82A98-588A-4C4E-B1DB-987FF08807D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C42EEFD9-5EAD-44DA-8262-843805EF5A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4373F5B7-DDF6-46C7-A5C2-8DB8B816E0B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66EB562E-CBCE-4B9F-A06E-FD8AD3AF55B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0241D00B-DB0A-4E0F-8D2F-B2DCEDC5B2E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149B56F8-C51B-4215-A649-9408FD27413D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FA050B-E513-4C7F-9602-63772226928C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9147AC07-5080-4C7A-B88C-91EE22E1CEEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6820CBBD-D02E-458B-83E2-13CC99F308D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91F16C26-903B-4E9B-9CC6-459D45513506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3939D70E-21B1-43A5-93C6-081123025B27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF6B1F6-5F19-4DB6-9371-CE8F2696CB2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E56041DA-4026-4DBC-90FF-E15BF2CF8844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F546C797-CAAA-40FE-A658-AB07768428DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E92C1393-89D7-4BCA-9BE3-34F8D272AD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B5C87B-9EEC-4FC2-B430-6529A990ADCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "493A75B3-489E-455E-87FA-FE2690C0B655",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E36B8162-AF24-4538-B81E-6FB95AC221C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF61BEA-3E68-4B98-92C0-463DDBA70941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7818992A-BC24-42F2-A13C-AF8E0C586FD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92724295-072F-4A98-9A65-4AFE2A6EE473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4628A45C-40AC-44EF-9329-2D3EC82BDC0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738ECCC7-9D9C-4AC9-86B2-BFF17DACC106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52DD84FD-BC19-4E94-BBDC-176A38CA95B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54F291D0-EBC1-48DB-9B34-DF027064D7BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D1332BEE-E27E-4F6F-A1BB-273EF877B2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B237657C-6F1C-46E6-97CE-CD9549C28F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69ABEBD8-322D-4582-817D-778B91A8E44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:amp_7150_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90497A42-243E-4056-A390-CB3D7824B433",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:amp_7150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F299F4A-CA8C-46EA-A86F-CA52C182DAE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF13BD0F-3BD2-45E5-8147-DE52A27582CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5E4309-3730-4B37-B33F-4A7008250E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B2D0C0-E1B5-456D-8B83-324661ACA931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC96C4A-6149-4452-AC4F-A33F375DC14C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEB718B-64BA-4FB9-9371-59765DA11C08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7FC1382-F102-4946-A5E5-467D40953637",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3926472-2AA9-4A24-9E3C-0553C2FA0408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A8FD8E-2230-4BF3-A357-77000349A028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB883EB-6AFF-4F41-A092-EF1AACD4605E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B470E99-1597-4B4D-8150-D0100F28C9F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C98F7CA4-FEC1-464B-B86A-90A64641D75D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B47B208A-6219-4037-8D9E-1B49C0E70BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0397B1B0-CAFC-433E-AA92-39F70DA49563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4F7D03-A698-46F1-8386-D4DDE9677CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0E4D3E-6F4F-4DF5-B910-115ECC9CA2F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9D582D-30A3-421A-999A-D48BF1BD3CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF8FBB6-C045-4E99-9DBD-B30AF9D25406",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_7050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52AA3762-FFDD-4376-8D79-B393CBFAE23A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3400D0D-29A0-4FB8-9834-7F69BCB51E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2DA21A-DCB1-42E1-BBC3-B37D4AF369F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E90CAA74-2C98-4CF5-8897-A4B99526D680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA6CED6-90AA-410F-B001-0D816226B12C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A70452EB-F072-4DFF-B2C5-14AA1EB52488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97E4A5-2373-49F3-8A8B-005BAC9BEC32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E221489F-148E-478E-9664-6F9246888063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D4C6A40-256B-45BB-9F77-31F868C5A6A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA46250-2E2B-44C5-81BD-B71BFC59BC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB5C0C8-0433-4B6B-B149-A2F3C1D3D8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2617CE09-4275-459B-80C9-D8BBB75FB7EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_appliance_8360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F58D55B-E671-44E4-841F-72F95D20C4A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en la interfaz de administraci\u00f3n basada en web de Cisco Firepower Management Center (FMC), podr\u00edan permitir a un atacante remoto autenticado conducir un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz de administraci\u00f3n basada en web. Estas vulnerabilidades son debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda explotar estas vulnerabilidades persuadiendo a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en navegador."
}
],
"id": "CVE-2019-15269",
"lastModified": "2024-11-21T04:28:19.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-16T19:15:14.440",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-xss"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C001C143-323E-4820-B5FC-4841E85B5EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CABDCBEE-439D-448C-B836-D216A74C4C7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2F42A059-CCCC-4629-AC03-6E90E7731C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
"versionEndExcluding": "6.4.0.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
"versionEndExcluding": "7.0.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B44F266-3C0C-4411-B0B1-B7614DB5BDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B52CA450-676D-404C-AE02-4DDD1A1ED759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "923193EF-083C-4CB7-920E-1B2163783CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir a un atacante remoto autenticado llevar a cabo un ataque de salto de directorio en un dispositivo afectado. El atacante necesitar\u00eda credenciales v\u00e1lidas del dispositivo. La vulnerabilidad es debido a una insuficiente comprobaci\u00f3n de entrada de la URL HTTPS por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTPS dise\u00f1ada que contenga secuencias de caracteres de salto de directorio a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer o escribir archivos arbitrarios en el dispositivo"
}
],
"id": "CVE-2021-34762",
"lastModified": "2024-11-21T06:11:08.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.060",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-26"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
"versionEndExcluding": "6.4.0.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
"versionEndExcluding": "7.0.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante local autenticado sobrescribir o a\u00f1adir datos arbitrarios a los archivos del sistema usando privilegios de nivel de root. El atacante debe tener credenciales administrativas en el dispositivo. Esta vulnerabilidad es debido a una comprobaci\u00f3n incompleta de la entrada del usuario para un comando CLI espec\u00edfico. Un atacante podr\u00eda explotar esta vulnerabilidad al autenticarse en el dispositivo con privilegios administrativos y emitiendo un comando CLI con par\u00e1metros de usuario dise\u00f1ados. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir o a\u00f1adir datos arbitrarios a los archivos del sistema usando privilegios de nivel root"
}
],
"id": "CVE-2021-34761",
"lastModified": "2024-11-21T06:11:08.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.003",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-file-write-SHVcmQVc"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-73"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCD7132-CB3D-4C8A-A8A4-CB2F225F2103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08D53D5A-C40D-4E34-95DE-4F7BCD69C44C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB554C1B-F215-4E2B-A47A-FAE73A2AFBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F27ABB44-FC9A-457D-AFB7-D7CB8119C9AE",
"versionEndExcluding": "6.4.0.13",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
"versionEndExcluding": "7.0.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "9F80E8A9-704D-44DC-B886-59D97036EC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97B8B789-5C61-4C15-9F2A-91C18B1D9FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AAD56A-563F-48FB-A8D0-E482425B79FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesamiento de las conexiones SSH para las implementaciones de m\u00faltiples instancias del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad es debido a una falta de administraci\u00f3n adecuada de errores cuando no es posible establecer una sesi\u00f3n SSH. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de conexiones SSH dise\u00f1adas a la instancia. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un agotamiento de los recursos, que causa una condici\u00f3n de DoS en el dispositivo afectado. El dispositivo debe ser recargado manualmente para recuperarse"
}
],
"id": "CVE-2021-34781",
"lastModified": "2024-11-21T06:11:11.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.233",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-16 19:15
Modified
2024-11-21 04:28
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_management_center_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5BD4E3-2D16-44AA-929D-C227EE43E82F",
"versionEndExcluding": "6.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C29140C-1C4C-48DD-BED4-1FA0BFDC565D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44C4E004-BCBA-4C2A-BBC7-8C6F9E54CC15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E28590D-A09E-4EEC-B54F-80D7CBE21C0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A389E5A4-0994-4F75-A264-18371D726ACA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E36B8162-AF24-4538-B81E-6FB95AC221C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D158D934-FE4D-4BB1-B674-30666F04D510",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9FD1A9-1BB3-4FFB-AB75-5BF8AF61FF1D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05426855-230D-45AA-BD24-DEBBB924C43E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF6B1F6-5F19-4DB6-9371-CE8F2696CB2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4F454C-D675-426F-961F-3A85BBF4AD4A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ngips_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34B16156-73F5-4172-ABB1-8BA2F950ABE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Firepower Management Center (FMC), podr\u00eda permitir a un atacante remoto no autenticado conducir un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz de administraci\u00f3n basada en web. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda explotar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en navegador."
}
],
"id": "CVE-2019-15270",
"lastModified": "2024-11-21T04:28:20.103",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-16T19:15:14.537",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-stored-xss"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-firepwr-stored-xss"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-24 16:15
Modified
2024-11-21 06:43
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:asa_firepower:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2948FC9B-05A4-4E9B-9FE2-A4941CC94DD9",
"versionEndExcluding": "6.2.3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asa_firepower:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DF32EC7-CC7E-46F5-9D1E-E0EE461261A7",
"versionEndExcluding": "6.4.0.15",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asa_firepower:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03F7B0B9-A618-4E8D-A767-A209A1FA0A5D",
"versionEndExcluding": "6.6.7",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asa_firepower:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71271D-11C6-4F43-91EE-85D4419C9C8F",
"versionEndExcluding": "7.0.2.1",
"versionStartIncluding": "6.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C29140C-1C4C-48DD-BED4-1FA0BFDC565D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_management_center_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4F454C-D675-426F-961F-3A85BBF4AD4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el analizador de la CLI del software Cisco FirePOWER para el m\u00f3dulo FirePOWER de Adaptive Security Appliance (ASA) podr\u00eda permitir a un atacante remoto autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente de un m\u00f3dulo ASA FirePOWER afectado como usuario root. Esta vulnerabilidad es debido al manejo inapropiado de par\u00e1metros de comando no definidos. Un atacante podr\u00eda aprovechar esta vulnerabilidad usando un comando dise\u00f1ado en la CLI o enviando una petici\u00f3n HTTPS dise\u00f1ada a la interfaz de administraci\u00f3n basada en web del Cisco ASA que aloja el m\u00f3dulo ASA FirePOWER. Nota: Para aprovechar esta vulnerabilidad, el atacante debe tener acceso administrativo al Cisco ASA. Es esperado que un usuario que tenga acceso administrativo a un determinado Cisco ASA tambi\u00e9n tenga acceso administrativo al m\u00f3dulo ASA FirePOWER que est\u00e1 alojado en ese Cisco ASA"
}
],
"id": "CVE-2022-20828",
"lastModified": "2024-11-21T06:43:38.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-24T16:15:08.523",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-236"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A08538C5-6957-42B4-894B-1AF04FC904A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01DFAA87-6DB1-419B-A2F4-F1FB3A7B8A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F75D9CB4-406B-4FBF-BC7A-35C2CCEFD8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C16F3BD-2ACD-44A0-9033-13CB59A50FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0FC62F-65AD-4855-953A-DA5BBFC1B2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7E738F08-C30D-46E4-A92C-D406D72E1292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28629BA3-B1ED-409B-9FB1-E2159D95D975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49436378-0578-48F6-AE54-7C8D88574864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B11AE299-AE40-42EB-9C0B-3865C932E766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA792E5D-7270-4C23-A8D6-22EB00CB21A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB38685-4255-4565-98AA-234B9DEEADE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF689E1-22FF-467F-B5A7-59833D77971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17F461B5-E600-4C81-BA3C-1DBC90D4D438",
"versionEndExcluding": "6.4.0.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37A74256-AF9A-473B-9DC7-A57618BA9F00",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
"versionEndExcluding": "7.0.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38E2B495-A0B6-4049-8C90-96CF62BC1BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20741BF4-6F44-42DE-B05E-EDB4176CAD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A3574-53DC-4328-A229-87795AE4F7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B273B25-634A-48FF-B290-4A332F84E0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBC6544-6ADF-4F95-A969-A8D953D11B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "37FBD21A-0D57-466F-B6F6-1D124A6D75D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF03B7-9C70-4BEE-8AE4-6AA134322C0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F47E43-116B-4176-9E79-0BA7CBA16869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B02800C-6420-4758-89CF-66F47B4FCA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F41081E-06CF-4BA2-9072-E18D9032BEBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52ED507A-5075-4444-A2D1-F5657453AD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sourcefire_defense_center:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E9A6F5-8BC2-4FA5-9920-E980EFC5BCEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la CLI del software Cisco Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante local autenticado ejecutar comandos arbitrarios con privilegios de root. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-34756",
"lastModified": "2024-11-21T06:11:07.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:07.940",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}