Cisco Firepower Extensible Operating System — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Firepower Extensible Operating System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (56)
CVE-2015-6435 — CVSS 9.8 (critical): An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before…
CVE-2018-0310 — CVSS 9.8 (critical): A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated…
CVE-2020-3172 — CVSS 8.8 (high): A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated…
CVE-2018-0303 — CVSS 8.8 (high): A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated…
CVE-2021-1368 — CVSS 8.8 (high): A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an…
CVE-2020-3456 — CVSS 8.8 (high): A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to…
CVE-2018-0395 — CVSS 8.8 (high): A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an…
CVE-2017-12277 — CVSS 8.8 (high): A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower…
CVE-2017-3883 — CVSS 8.6 (high): A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System…
CVE-2019-1597 — CVSS 8.6 (high): Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco…
CVE-2019-1598 — CVSS 8.6 (high): Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco…
CVE-2019-1858 — CVSS 8.6 (high): A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software…
CVE-2020-3517 — CVSS 8.6 (high): A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated…
CVE-2020-3455 — CVSS 7.8 (high): A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot…
CVE-2017-6597 — CVSS 7.8 (high): A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series…
CVE-2017-6600 — CVSS 7.8 (high): A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall…
CVE-2020-3167 — CVSS 7.8 (high): A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute…
CVE-2018-0302 — CVSS 7.8 (high): A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local…
CVE-2020-3459 — CVSS 7.8 (high): A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are…
CVE-2019-12699 — CVSS 7.8 (high): Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated…
CVE-2018-0298 — CVSS 7.5 (high): A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to…
CVE-2018-0311 — CVSS 7.5 (high): A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated…
CVE-2021-34714 — CVSS 7.4 (high): A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software…
CVE-2015-6370 — CVSS 7.2 (high): The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows local users…
CVE-2017-6601 — CVSS 7.1 (high): A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall…
CVE-2015-6373 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows…
CVE-2019-1779 — CVSS 6.7 (medium): A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute…
CVE-2020-3457 — CVSS 6.7 (medium): A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are…
CVE-2017-6598 — CVSS 6.7 (medium): A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series…
CVE-2020-3169 — CVSS 6.7 (medium): A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the…
CVE-2018-0294 — CVSS 6.7 (medium): A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to…
CVE-2020-3166 — CVSS 6.7 (medium): A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the…
CVE-2019-1795 — CVSS 6.7 (medium): A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute…
CVE-2019-1780 — CVSS 6.7 (medium): A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator…
CVE-2024-20294 — CVSS 6.6 (medium): A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an…
CVE-2015-6380 — CVSS 6.5 (medium): An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows…
CVE-2020-3120 — CVSS 6.5 (medium): A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software…
CVE-2019-12700 — CVSS 6.5 (medium): A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software…
CVE-2018-0331 — CVSS 6.5 (medium): A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software…
CVE-2017-12329 — CVSS 6.3 (medium): A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated…
CVE-2022-20934 — CVSS 6.0 (medium): A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local…
CVE-2023-20015 — CVSS 6.0 (medium): A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and…
CVE-2020-3545 — CVSS 6.0 (medium): A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer…
CVE-2019-1734 — CVSS 5.5 (medium): A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an…
CVE-2017-12299 — CVSS 5.3 (medium): A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall…
CVE-2015-4287 — CVSS 5.0 (medium): Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 9000 devices allows remote attackers to bypass intended access…
CVE-2015-6368 — CVSS 5.0 (medium): Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP…
CVE-2015-6369 — CVSS 4.9 (medium): The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to…
CVE-2019-1600 — CVSS 4.4 (medium): A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker…
CVE-2023-20234 — CVSS 4.4 (medium): A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on…
CVE-2017-6602 — CVSS 4.4 (medium): A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW)…
CVE-2022-20625 — CVSS 4.3 (medium): A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated…
CVE-2015-6372 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on…
CVE-2015-6374 — CVSS 4.3 (medium): The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of…
CVE-2015-6371 — CVSS 4.0 (medium): Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files…
CVE-2020-3504 — CVSS 3.3 (low): A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to…