Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sourcefire defense center vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2344
The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor prior to 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components.
Sourcefire 3d Sensor 4.8
Sourcefire 3d Sensor 4.8.0.4
Sourcefire Defense Center 4.8
Sourcefire Defense Center 4.8.0.3
Sourcefire Defense Center
Sourcefire 3d Sensor 4.8.0.3
Sourcefire Defense Center 4.8.0.4
Sourcefire 3d Sensor
1 EDB exploit
4.8
CVSSv3
CVE-2021-34763
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an malicious user to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the De...
Cisco Firepower Management Center Virtual Appliance 6.1.0
Cisco Firepower Management Center Virtual Appliance 6.2.0
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.5.0
Cisco Sourcefire Defense Center 6.6.0
Cisco Firepower Threat Defense
Cisco Firepower Management Center Virtual Appliance 6.3.0
Cisco Sourcefire Defense Center 6.1.0
Cisco Sourcefire Defense Center 6.2.0
Cisco Sourcefire Defense Center 6.2.3
Cisco Sourcefire Defense Center 6.3.0
Cisco Sourcefire Defense Center 7.1.0
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 6.7.0
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.5.0
Cisco Firepower Management Center Virtual Appliance 6.6.0
Cisco Firepower Management Center Virtual Appliance 6.6.1
Cisco Firepower Management Center Virtual Appliance 6.7.0
6.1
CVSSv3
CVE-2021-34764
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an malicious user to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the De...
Cisco Firepower Management Center Virtual Appliance 6.1.0
Cisco Firepower Management Center Virtual Appliance 6.2.0
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.5.0
Cisco Sourcefire Defense Center 6.6.0
Cisco Firepower Threat Defense
Cisco Firepower Management Center Virtual Appliance 6.3.0
Cisco Sourcefire Defense Center 6.1.0
Cisco Sourcefire Defense Center 6.2.0
Cisco Sourcefire Defense Center 6.2.3
Cisco Sourcefire Defense Center 6.3.0
Cisco Sourcefire Defense Center 7.1.0
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 6.7.0
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.5.0
Cisco Firepower Management Center Virtual Appliance 6.6.0
Cisco Firepower Management Center Virtual Appliance 6.6.1
Cisco Firepower Management Center Virtual Appliance 6.7.0
8.1
CVSSv3
CVE-2021-34762
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote malicious user to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vu...
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.5.0
Cisco Firepower Threat Defense
Cisco Sourcefire Defense Center 6.2.3
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.5.0
Cisco Firepower Management Center Virtual Appliance 6.6.1
Cisco Firepower Management Center Virtual Appliance 6.7.0
Cisco Firepower Management Center Virtual Appliance 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.6.2
Cisco Firepower Management Center Virtual Appliance 6.6.3
Cisco Firepower Management Center Virtual Appliance 6.6.4
Cisco Sourcefire Defense Center 6.6.2
Cisco Sourcefire Defense Center 6.6.3
Cisco Sourcefire Defense Center 6.6.4
5.4
CVSSv3
CVE-2020-3320
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerabil...
Cisco Firepower Management Center
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.4.0.6
Cisco Sourcefire Defense Center 6.5.0
Cisco Sourcefire Defense Center 6.6.0
6
CVSSv3
CVE-2021-34761
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerabili...
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Firepower Threat Defense
Cisco Sourcefire Defense Center 6.2.3
Cisco Sourcefire Defense Center 7.1.0
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 6.7.0
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.6.1
Cisco Firepower Management Center Virtual Appliance 6.7.0
Cisco Firepower Management Center Virtual Appliance 7.0.0
7.8
CVSSv3
CVE-2021-34755
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
Cisco Firepower Management Center Virtual Appliance 6.1.0
Cisco Firepower Management Center Virtual Appliance 6.2.0
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.5.0
Cisco Sourcefire Defense Center 6.6.0
Cisco Firepower Threat Defense
Cisco Firepower Management Center Virtual Appliance 6.3.0
Cisco Sourcefire Defense Center 6.1.0
Cisco Sourcefire Defense Center 6.2.0
Cisco Sourcefire Defense Center 6.2.3
Cisco Sourcefire Defense Center 6.3.0
Cisco Sourcefire Defense Center 7.1.0
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.4.0.11
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 6.7.0
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.4.0.11
Cisco Firepower Management Center Virtual Appliance 6.5.0
Cisco Firepower Management Center Virtual Appliance 6.6.0
7.8
CVSSv3
CVE-2021-34756
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
Cisco Firepower Management Center Virtual Appliance 6.1.0
Cisco Firepower Management Center Virtual Appliance 6.2.0
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.5.0
Cisco Sourcefire Defense Center 6.6.0
Cisco Firepower Threat Defense
Cisco Firepower Management Center Virtual Appliance 6.3.0
Cisco Sourcefire Defense Center 6.1.0
Cisco Sourcefire Defense Center 6.2.0
Cisco Sourcefire Defense Center 6.2.3
Cisco Sourcefire Defense Center 6.3.0
Cisco Sourcefire Defense Center 7.1.0
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.4.0.11
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 6.7.0
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.4.0.11
Cisco Firepower Management Center Virtual Appliance 6.5.0
Cisco Firepower Management Center Virtual Appliance 6.6.0
7.5
CVSSv3
CVE-2021-34781
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on the affected device. This vulnerability is du...
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.5.0
Cisco Sourcefire Defense Center 6.6.0
Cisco Firepower Threat Defense
Cisco Firepower Management Center Virtual Appliance 6.3.0
Cisco Sourcefire Defense Center 6.3.0
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.5.0
Cisco Firepower Management Center Virtual Appliance 6.6.0
Cisco Firepower Management Center Virtual Appliance 7.0.0
Cisco Sourcefire Defense Center 6.7.0.3
Cisco Sourcefire Defense Center 6.4.0.13
Cisco Sourcefire Defense Center 6.7.1
Cisco Firepower Management Center Virtual Appliance 6.7.0.3
Cisco Firepower Management Center Virtual Appliance 6.4.0.13
Cisco Firepower Management Center Virtual Appliance 6.7.1
NA
CVE-2010-2306
The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote malicious users to decrypt SSL traffic via a man-in-the-middle (MITM) attack.
Sourcefire 3d2000
Sourcefire 3d9900
Sourcefire 3d1000
Sourcefire Dc1000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »