CVSS: 6.0EPSS: 0%CPEs: 43EXPL: 0CVE-2023-20234
https://notcve.org/view.php?id=CVE-2023-20234
23 Aug 2023 — A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL • CWE-73: External Control of File Name or Path CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 19%CPEs: 37EXPL: 1CVE-2022-20866 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability
https://notcve.org/view.php?id=CVE-2022-20866
10 Aug 2022 — A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successfu... • https://github.com/CiscoPSIRT/CVE-2022-20866 • CWE-203: Observable Discrepancy •
CVSS: 8.6EPSS: 0%CPEs: 26EXPL: 0CVE-2022-20751 – Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20751
03 May 2022 — A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.6EPSS: 1%CPEs: 41EXPL: 0CVE-2020-3283 – Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3283
06 May 2020 — A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a communication error between internal functions. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exp... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •