Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco firesight system software 5.4.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-6766
A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticated, remote malicious user to bypass the SSL policy for decrypting and inspecting ...
Cisco Firesight System Software 5.4.1
Cisco Firesight System Software 6.0.0
Cisco Firesight System Software 6.1.0
Cisco Firesight System Software 6.2.0
Cisco Firesight System Software 6.2.1
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 6.2.2
7.5
CVSSv3
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0a
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.2
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Application Session Controller 3.7.1
Oracle Jd Edwards World Security A9.4
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Agile Engineering Data Management 6.1.3
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.3
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
7.5
CVSSv3
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0a
Openssl Openssl 1.1.0b
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
6.2
CVSSv3
CVE-2015-7975
The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.18
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.31
Ntp Ntp 4.3.32
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.40
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.54
Ntp Ntp 4.3.55
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.77
Ntp Ntp 4.3.78
4.3
CVSSv3
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2
Ntp Ntp
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.31
Ntp Ntp 4.3.32
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.54
Ntp Ntp 4.3.55
Ntp Ntp 4.3.61
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.77
4.8
CVSSv3
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
6.5
CVSSv3
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
Ntp Ntp 4.2.8
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
Freebsd Freebsd 9.3
Freebsd Freebsd
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
Netapp Clustered Data Ontap -
Netapp Oncommand Balance -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
5.3
CVSSv3
CVE-2015-8139
ntpq in NTP prior to 4.2.8p7 allows remote malicious users to obtain origin timestamps and then impersonate peers via unspecified vectors.
Ntp Ntp
8.8
CVSSv3
CVE-2016-6417
Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 up to and including 6.1.0 and Firepower Management Center allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCva21636.
Cisco Firesight System Software 4.10.2
Cisco Firesight System Software 5.1.0
Cisco Firesight System Software 4.10.2.4
Cisco Firesight System Software 4.10.2.5
Cisco Firesight System Software 4.10.3.7
Cisco Firesight System Software 4.10.3.8
Cisco Firesight System Software 5.1.1.2
Cisco Firesight System Software 5.1.1.3
Cisco Firesight System Software 5.1.1.11
Cisco Firesight System Software 5.2.0.1
Cisco Firesight System Software 5.3.0.2
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.4.1
Cisco Firesight System Software 5.3.1.5
Cisco Firesight System Software 5.2.0.8
Cisco Firesight System Software 6.0.0.1
Cisco Firesight System Software 6.0.1
Cisco Firesight System Software 5.4.0.3
Cisco Firesight System Software 5.4.0.5
Cisco Firesight System Software 4.10.2.2
Cisco Firesight System Software 4.10.2.3
Cisco Firesight System Software 4.10.3.5
9.1
CVSSv3
CVE-2016-6394
Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software up to and including 6.1.0 allows remote malicious users to hijack web sessions via a session identifier, aka Bug ID CSCuz80503.
Cisco Firesight System Software 5.2.0.3
Cisco Firesight System Software 5.2.0.4
Cisco Firesight System Software 5.3.1.1
Cisco Firesight System Software 6.0.0
Cisco Firesight System Software 5.3.1.4
Cisco Firesight System Software 5.4.0.1
Cisco Firesight System Software 5.3.0.3
Cisco Firesight System Software 5.3.0.4
Cisco Firesight System Software 5.4.0.6
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 5.3.0.1
Cisco Firesight System Software 5.3.0.2
Cisco Firesight System Software 5.3.1
Cisco Firesight System Software 5.4.1.2
Cisco Firesight System Software 5.4.1.3
Cisco Firesight System Software 5.4.1.4
Cisco Firesight System Software 6.0.0.1
Cisco Firesight System Software 5.3.0.7
Cisco Firesight System Software 5.4.0.2
Cisco Firesight System Software 5.2.0.1
Cisco Firesight System Software 5.2.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »