Cisco firepower management centre was found to have vulnerabilities such as multiple CSS issues. This was mainly caused by its inability to properly sanitise user inputs. This issue could easily be misused by any attacker to steal credentials and launch various attacks.The vulnerable centres were identified as Cisco FirePOWER Management Center 6.5,Cisco FirePOWER Management Center 6.4 ,Cisco FirePOWER Management Center 6.3,Cisco FirePOWER Management Center 6.2.3.
Cross Site Scripting issues found on Cisco Firepower Management Center
Facebook
Twitter
LinkedIn
Recent Posts
Follow Us
zzcms 2018 template_user.php ml/title code injection
August 26, 2021
No Comments
A vulnerability was found in zzcms 2018 (Content Management System) and classified as critical. This issue affects an unknown function
ZyXEL VPN2S 1.12 Web Server path traversal
September 29, 2021
No Comments
A vulnerability classified as problematic was found in ZyXEL VPN2S 1.12. Affected by this vulnerability is an unknown part of
Zyxel VPN2S 1.12 CGI Program os command injection
September 29, 2021
No Comments
A vulnerability has been found in Zyxel VPN2S 1.12 and classified as critical. This vulnerability affects some unknown processing of
Zyxel USG/USG Flex/Zywall/ATP/VPN up to 4.64 Web-based Management Interface improper authentication
July 2, 2021
No Comments
A vulnerability was found in Zyxel USG, USG Flex, Zywall, ATP and VPN up to 4.64 (Firewall Software). It has
ZyXEL GS1900-8 2.60 LLDP Packet cross site scripting
July 26, 2021
No Comments
A vulnerability was found in ZyXEL GS1900-8 2.60. It has been classified as problematic. This affects an unknown code of
Zynamics BinDiff up to 6 i64 File use after free
June 30, 2021
No Comments
A vulnerability, which was classified as critical, has been found in Zynamics BinDiff up to 6. This issue affects an
Web Application Firewall Solution
CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY
December 24, 2024
No Comments
Description Server-Side Request Forgery in URL Mapper in Arctic Security’s Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to
CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY
December 23, 2024
No Comments
Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with
CVE-2024-51466 : IBM COGNOS ANALYTICS UP TO 11.2.4 FP4/12.0.4 EL EXPRESSION LANGUAGE INJECTION
December 23, 2024
No Comments
Description IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection