Skip to main content

Firepower Threat Defense

216 CVEs product

Monthly

CVE-2025-20363 CRITICAL CERT-EU This Week

A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Apple RCE Heap Overflow Cisco +4
NVD
CVSS 3.1
9.0
EPSS
5.7%
CVE-2025-20362 MEDIUM POC KEV THREAT CISA CERT-EU This Month

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 43.6%.

Authentication Bypass Denial Of Service Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.5
EPSS
43.6%
Threat
7.6
CVE-2025-20333 CRITICAL KEV THREAT CISA CERT-EU Act Now

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 18.8%.

Buffer Overflow Cisco RCE Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
9.9
EPSS
18.8%
CVE-2025-20127 HIGH This Month

A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-20182 HIGH This Month

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Cisco Apple Buffer Overflow Denial Of Service +3
NVD
CVSS 3.1
8.6
EPSS
0.3%
CVE-2024-20495 HIGH This Week

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
0.5%
CVE-2024-20494 HIGH This Week

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
0.5%
CVE-2024-20431 MEDIUM This Month

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2024-20412 HIGH This Week

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2024-20408 HIGH This Week

A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
7.7
EPSS
0.4%
CVE-2024-20407 MEDIUM This Month

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2024-20402 HIGH This Week

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
0.5%
CVE-2024-20388 MEDIUM This Month

A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Management Center Secure Firewall Management Center Firepower Threat Defense
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-20384 MEDIUM This Month

A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2024-20382 MEDIUM This Month

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-20330 HIGH This Week

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-20299 MEDIUM This Month

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.5%
CVE-2024-20297 MEDIUM This Month

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.5%
CVE-2024-20268 HIGH This Week

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
7.7
EPSS
0.6%
CVE-2024-20363 MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense Unified Threat Defense Snort Intrusion Prevention System Engine Snort
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2024-20355 MEDIUM This Month

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.0
EPSS
0.3%
CVE-2024-20293 MEDIUM This Month

A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated,. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2024-20261 MEDIUM This Month

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2023-20275 MEDIUM This Month

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-20267 MEDIUM This Month

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Firepower Threat Defense
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-20264 MEDIUM This Month

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-20247 MEDIUM This Month

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-20246 MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Snort Firepower Threat Defense Ios Xe
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-20095 HIGH This Week

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
0.6%
CVE-2023-20083 HIGH This Week

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
0.7%
CVE-2023-20071 MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense Cyber Vision Unified Threat Defense +1
NVD
CVSS 3.1
5.8
EPSS
0.5%
CVE-2023-20070 MEDIUM This Month

A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
4.0
EPSS
0.5%
CVE-2023-20063 HIGH This Week

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Cisco Code Injection Firepower Threat Defense Secure Firewall Management Center
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2023-20042 HIGH This Week

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
8.6
EPSS
0.7%
CVE-2023-20031 MEDIUM This Month

A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-20270 MEDIUM This Month

A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.7%
CVE-2023-20256 MEDIUM This Month

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.6%
CVE-2023-20245 MEDIUM This Month

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.5%
CVE-2023-20244 HIGH This Week

A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
0.8%
CVE-2023-20177 MEDIUM This Month

A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
4.0
EPSS
0.5%
CVE-2023-20086 HIGH This Week

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
0.7%
CVE-2023-20269 CRITICAL KEV THREAT Act Now

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
9.1
EPSS
21.6%
CVE-2023-20006 HIGH This Week

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-20107 HIGH This Week

A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Adaptive Security Appliance Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-20081 MEDIUM This Month

A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Denial Of Service Apple Heap Overflow Cisco +4
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2022-20950 MEDIUM This Month

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-20949 MEDIUM This Month

A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Firepower Threat Defense
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2022-20947 HIGH This Week

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-20946 HIGH This Week

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Cisco Denial Of Service Buffer Overflow Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-20943 MEDIUM This Month

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Cyber Vision Meraki Mx Security Appliance Firmware
NVD
CVSS 3.1
5.8
EPSS
0.9%
CVE-2022-20940 MEDIUM This Month

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Cisco Firepower Threat Defense
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-20934 MEDIUM This Month

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Firepower Threat Defense Firepower Extensible Operating System
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2022-20928 MEDIUM This Month

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.7%
CVE-2022-20927 MEDIUM This Month

A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow Adaptive Security Appliance Software Firepower Threat Defense +1
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-20924 MEDIUM This Month

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-20922 MEDIUM This Month

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Umbrella Virtual Appliance Cyber Vision
NVD VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-20854 HIGH This Week

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Secure Firewall Management Center Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-20826 MEDIUM This Month

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2022-20866 HIGH This Week

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
16.6%
CVE-2022-20713 MEDIUM This Month

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Cisco XSS Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2022-20767 HIGH This Week

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-20760 HIGH This Week

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-20759 HIGH POC THREAT This Week

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Information Disclosure Firepower Threat Defense Adaptive Security Appliance Software
NVD GitHub
CVSS 3.1
8.8
EPSS
28.4%
CVE-2022-20757 HIGH This Week

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-20751 HIGH This Week

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-20748 MEDIUM This Month

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2022-20746 HIGH This Week

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Null Pointer Dereference Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-20745 HIGH This Week

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-20742 HIGH This Week

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2022-20730 HIGH This Week

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-20729 HIGH This Week

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Code Injection Firepower Threat Defense
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-20715 HIGH This Week

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
8.6
EPSS
1.3%
CVE-2022-20795 HIGH This Week

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Adaptive Security Appliance Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-40125 MEDIUM This Month

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Microsoft Memory Corruption Use After Free Denial Of Service +10
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-40118 HIGH This Week

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Stack Overflow Adaptive Security Appliance +10
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-40117 HIGH This Week

A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Adaptive Security Appliance Firepower Threat Defense +9
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-40116 HIGH This Week

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Secure Firewall Management Center Snort
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-40114 HIGH This Week

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Secure Firewall Management Center Unified Threat Defense +1
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2021-34794 MEDIUM This Month

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense Adaptive Security Appliance Software Asa 5512 X Firmware +7
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-34793 HIGH This Week

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Firepower Threat Defense Adaptive Security Appliance Software +8
NVD
CVSS 3.1
8.6
EPSS
0.6%
CVE-2021-34792 HIGH This Week

A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Adaptive Security Appliance Software Asa 5512 X Firmware +7
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-34791 MEDIUM This Month

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Firepower Threat Defense Adaptive Security Appliance Software +8
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-34790 MEDIUM This Month

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Firepower Threat Defense Adaptive Security Appliance Software +8
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-34787 MEDIUM This Month

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Firepower Threat Defense Adaptive Security Appliance Software +8
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2021-34783 HIGH This Week

A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Firepower Threat Defense Adaptive Security Appliance Software +8
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-34781 HIGH This Week

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Firepower Management Center Virtual Appliance Firepower Threat Defense +1
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-34764 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect XSS Firepower Management Center Virtual Appliance Firepower Threat Defense +1
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-34763 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Open Redirect XSS Firepower Management Center Virtual Appliance Firepower Threat Defense +1
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-34762 HIGH This Week

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Firepower Management Center Virtual Appliance Firepower Threat Defense Sourcefire Defense Center
NVD
CVSS 3.1
8.1
EPSS
1.9%
CVE-2021-34761 MEDIUM This Month

A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Firepower Management Center Virtual Appliance Firepower Threat Defense Sourcefire Defense Center
NVD
CVSS 3.1
6.0
EPSS
0.2%
EPSS 6% CVSS 9.0
CRITICAL This Week

A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Apple RCE +6
NVD
EPSS 44% 7.6 CVSS 6.5
MEDIUM POC KEV THREAT This Month

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 43.6%.

Authentication Bypass Denial Of Service Cisco +2
NVD
EPSS 19% CVSS 9.9
CRITICAL KEV THREAT Act Now

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 18.8%.

Buffer Overflow Cisco RCE +2
NVD
EPSS 0% CVSS 7.7
HIGH This Month

A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense +1
NVD
EPSS 0% CVSS 8.6
HIGH This Month

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Cisco Apple +5
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
EPSS 0% CVSS 8.4
HIGH This Week

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
EPSS 0% CVSS 7.7
HIGH This Week

A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Management Center +2
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 7.7
HIGH This Week

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense +2
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated,. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Firepower Threat Defense
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Snort +2
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense +3
NVD
EPSS 1% CVSS 4.0
MEDIUM This Month

A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
EPSS 0% CVSS 8.2
HIGH This Week

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Cisco Code Injection +2
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
EPSS 1% CVSS 4.0
MEDIUM This Month

A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 22% CVSS 9.1
CRITICAL KEV THREAT Act Now

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Adaptive Security Appliance +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Denial Of Service Apple +6
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Cisco Denial Of Service +2
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Cisco +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Firepower Threat Defense +1
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow +3
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +2
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Secure Firewall Management Center +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 17% CVSS 7.5
HIGH This Week

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Cisco XSS +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense +1
NVD
EPSS 28% CVSS 8.8
HIGH POC THREAT This Week

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Information Disclosure Firepower Threat Defense +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Null Pointer Dereference +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense +1
NVD
EPSS 0% CVSS 7.4
HIGH This Week

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Firepower Threat Defense +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Code Injection Firepower Threat Defense
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Adaptive Security Appliance +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Microsoft Memory Corruption +12
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +12
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +11
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +3
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense +9
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance +10
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +9
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance +10
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance +10
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance +10
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +10
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +3
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect XSS +3
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Open Redirect XSS +3
NVD
EPSS 2% CVSS 8.1
HIGH This Week

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Firepower Management Center Virtual Appliance +2
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Firepower Management Center Virtual Appliance +2
NVD
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy