GCVE-VVD-NCSC-2026-77

Advisory PublishedCVSS 6.5/10

Vulnetix · Advisory published March 5, 2026

Multiple vulnerabilities in Cisco products, including an SQL injection flaw in Cisco Secure Firewall Management Center, allow authenticated users or remote attackers to perform actions such as SQL injection, denial of service, privilege escalation, remote code execution, and information disclosure.

Download JSON Open in Console

Weaknesses (CWE)

CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-330Use of Insufficiently Random ValuesCWE-20Improper Input ValidationCWE-284Improper Access ControlCWE-27Path Traversal: 'dir/../../filename'CWE-401Missing Release of Memory after Effective LifetimeCWE-279Incorrect Execution-Assigned PermissionsCWE-248Uncaught ExceptionCWE-244Improper Clearing of Heap Memory Before Release ('Heap Inspection')CWE-823Use of Out-of-range Pointer OffsetCWE-404Improper Resource Shutdown or ReleaseCWE-444Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')CWE-138Improper Neutralization of Special ElementsCWE-250Execution with Unnecessary PrivilegesCWE-131Incorrect Calculation of Buffer SizeCWE-190Integer Overflow or WraparoundCWE-772Missing Release of Resource after Effective LifetimeCWE-388-CWE-770Allocation of Resources Without Limits or ThrottlingCWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')CWE-269Improper Privilege ManagementCWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-787Out-of-bounds WriteCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-80Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)CWE-788Access of Memory Location After End of Buffer

Risk Scores

CVSS 3.1

6.5/10

Medium · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions	Platforms
Cisco	vers:unknown/*	—	—

Aliases

Transitive aliases

GHSA-hvpm-hv6g-6m5c TNCVE-2026-20021 VVD-CESS-2026-20021 GHSA-4378-qv4j-pgj4 GHSA-4q8m-h8wc-99q6 CVE-2024-20412 GHSA-v4mc-99px-fq68 GHSA-qfh3-92rr-375x CISCO-SA-FTD-DND-DOS-BPECG7B7 GHSA-x299-q796-x4w4 BDU:2024-03233 cisco-sa-asaftd-websrvs-dos-X8gNucD2 GHSA-mv8w-c2qv-cgrg EUVD-2026-9482 CVE-2024-20403 BDU:2024-10812 GHSA-m287-fgwg-4xpc EUVD-2026-9479 VVD-CESS-2026-20082 TNCVE-2026-20102 cisco-sa-fmc-xss-dhJxQYZs GSD-2024-20300 BDU:2024-08631 CNVD-2024-44491 CISCO-SA-ASAFTD-NSGACL-BYPASS-77XNEASL cisco-sa-ftd-dnd-dos-bpEcg7B7 cisco-sa-ftd-snort3ssl-FBEKYXpH CVE-2024-20275 CISCO-SA-FMC-XSS-DHJXQYZS CISCO-SA-FMC-FILE-READ-5Q4MQRN GHSA-jgqf-4rxm-w86h GSD-2024-20358 cisco-sa-asa-ssh-keybypass-cr5xPUSf EUVD-2026-9476 CVE-2024-20374 GHSA-m8w7-x24f-68q9 CVE-2024-20329 cisco-sa-asa-vpn-nyH3fhp CISCO-SA-FMC-SQL-INJECT-2ENMTC8V GHSA-m83r-8rcp-wv5v BDU:2024-08867 GHSA-v3gf-g9fc-578x cisco-sa-asaftd-ospf-ZH8PhbSW VVD-CESS-2026-20022 VVD-CESS-2026-20070 CISCO-SA-FTD-SNORT-BYPASS-RLGGKZVF VVD-CESS-2026-20103 GHSA-rmc4-86ph-8m7j cisco-sa-asaftd-bf-dos-vDZhLqrW GHSA-m4qh-qp46-jwg7 CVE-2024-20298 CISCO-SA-ASAFTD-WEBSRVS-DOS-X8GNUCD2 cisco-sa-asaftd-desync-n5AVzEQw GHSA-rgg4-82q2-jw5v cisco-sa-asaftd-saml-LktTrwZP CISCO-SA-ASAFTD-ACL-BYPASS-VVNLNKQF EUVD-2026-9434 GHSA-qjf3-5p7q-6r9m CVE-2024-20269 GHSA-w38w-gj7f-5836 GHSA-rmpg-3w9x-w6pr BDU:2024-08814 EUVD-2026-9433 GHSA-42hx-qv2c-ff49 GHSA-v9vp-c2f8-43hh VVD-CESS-2026-20006 CVE-2024-20424 CVE-2024-20472 cisco-sa-fmc-rce-NKhnULJh cisco-sa-asa-vpn-4gYEWMKg VVD-CESS-2026-20031 BDU:2024-10829 GSD-2024-20403 CNVD-2024-44487 CISCO-SA-FTDFMC-DIR-TRAV-WERGJHWQ cisco-sa-sa-ftd-snort-fw-BCJTZPMu CVE-2024-20384 cisco-sa-asa-dos-FCvLD6vR GSD-2024-20260 GSD-2024-20384 VVD-CESS-2026-20015 cisco-sa-clamav-css-Fn4QSZ VVD-CESS-2026-20008 EUVD-2026-9458 GSD-2024-20410 CVE-2024-20493 cisco-sa-ftd-tls-dos-QXYE5Ufy VVD-CESS-2026-20001 BDU:2024-10837 BDU:2024-08817 EUVD-2026-9425 BDU:2024-10825 WID-SEC-W-2024-0965 EUVD-2026-9431 CISCO-SA-ASAFTD-LUAINJECT-VESCQGMS VVD-CESS-2026-20044 BDU:2024-08557 CISCO-SA-FTD-TCP-DOS-RHFQNWRG cisco-sa-ftd-tcp-dos-rHfqnwRg BDU:2024-08847 BDU:2024-08576 cisco-sa-fmc-file-read-5q4mQRn GHSA-5q5x-hwcj-q6c2 EUVD-2026-9477 VVD-CESS-2026-20007 VVD-CISA-2026-20131 GSD-2024-20273 GSD-2024-20374 CVE-2024-20299 VVD-CESS-2026-20101 VVD-CESS-2026-20050 CVE-2024-20364 CVE-2024-20377 GSD-2024-20473 GHSA-r5hp-h863-8vpx WID-SEC-W-2024-3267 GHSA-pp78-fggv-r899 cisco-sa-asaftd-persist-lce-vU3ekMJ3 CISCO-SA-ASAFTD-OSPF-ZH8PHBSW TNCVE-2026-20014 CVE-2024-20402 cisco-sa-ftd-statcred-dFC8tXT5 GHSA-4fg2-48mj-xwjm VVD-CESS-2026-20073 EUVD-2026-9463 cisco-sa-onprem-fmc-authbypass-5JPp45V2 BDU:2024-10830 BDU:2024-10835 CVE-2024-20260 CVE-2024-20351 GHSA-27g3-cp2g-22pw VVD-CESS-2026-20016 EUVD-2026-9453 GHSA-mj8r-4vp9-fx97 CVE-2024-20372 BDU:2024-08844 BDU:2024-08799 GHSA-vq87-vqwh-6mj9 EUVD-2026-9439 GHSA-xwx2-g284-r7j9 GHSA-vv26-9jw2-p445 GHSA-p38m-32qc-f4cg GSD-2024-20297 cisco-sa-asaftd-xss-yjj7ZjVq cisco-sa-ftd-geoip-bypass-MB4zRDu VVD-CESS-2026-20105 CVE-2024-20274 GSD-2024-20264 GHSA-prx7-jm7p-362c cisco-sa-snort-rf-bypass-OY8f3pnM GSD-2024-20407 TNCVE-2026-20106 CVE-2024-20341 cisco-sa-ftd2100-snort-dos-M9HuMt75 cisco-sa-asaftd-luainject-VescqgmS cisco-sa-ftd-cmd-inj-mTzGZexf EUVD-2026-9480 CVE-2024-20482 GHSA-8j6j-jm5x-gjfx CISCO-SA-ASA-VPN-NYH3FHP GHSA-cqv2-qp3h-xq97 CISCO-SA-SNORT-BYPASS-PTRY37FX GHSA-9qmm-x6v7-php3 WID-SEC-W-2024-3265 cisco-sa-asa-tls-CWY6zXB cisco-sa-asa-ssh-rce-gRAuPEUF GSD-2024-20493 BDU:2024-08632 CVE-2026-20131 VVD-CESS-2026-20009 GHSA-4jwf-2c3g-hqmj GHSA-rjp2-r49q-cqxh CVE-2024-20410 CVE-2024-20339 BDU:2024-08575 BDU:2024-08890 GSD-2024-20341 GHSA-7874-r67m-25qh BDU:2024-10815 CVE-2024-20407 CVE-2024-20388 CISCO-SA-ASAFTDVIRTUAL-DOS-MUENGNYR GSD-2024-20342 cisco-sa-ftdfmc-dir-trav-wERgjhWq EUVD-2026-9441 TNCVE-2026-20015 CVE-2024-20264 CVE-2024-20471 BDU:2024-10827 GHSA-gxcq-9p33-rq8f cisco-sa-asaftd-nsgacl-bypass-77XnEAsL CISCO-SA-ASA-FTD-PRIV-ESC-HBS9GNWQ GHSA-h526-7r62-gcj9 CNVD-2024-43201 cisco-sa-asaftd-snmp-dos-7TcnzxTU CVE-2024-20409 BDU:2024-10813 GHSA-253g-rphr-6h5j BDU:2024-11141 CISCO-SA-ASAFTD-CMD-INJ-ZJV8WYSM GHSA-924w-xj2p-25w9 VVD-CESS-2026-20003 ESB-2026.3678 GHSA-chrm-52hv-4ff4 GHSA-83hg-vhh4-2hfh VVD-CESS-2026-20069 BDU:2024-10834 BDU:2024-10832 VVD-CESS-2026-20023 CVE-2024-20387 OPENSUSE-SU-2026:10325-1 GHSA-gr7r-qqx6-v859 TNCVE-2026-20008 EUVD-2026-9443 cisco-sa-asaftd-dap-dos-bhEkP7n GHSA-2jcv-f397-c9m8 GSD-2024-20364 BDU:2024-08846 CNVD-2024-44495 GSD-2024-20482 cisco-sa-asaftd-acl-bypass-VvnLNKqf CISCO-SA-ASAFTD-XSS-YJJ7ZJVQ GHSA-fqfv-4r6p-w7m3 CNVD-2024-43204 CISCO-SA-ASAFTD-BF-DOS-VDZHLQRW BDU:2024-08827 EUVD-2026-9430 GHSA-rqwm-368v-fp53 BDU:2024-03264 GHSA-33pq-q8j2-pf3g VVD-CESS-2026-20018 cisco-sa-fmc-sql-injection-2qH6CcJd GHSA-r8xj-9pfh-x4pw EUVD-2026-9426 GSD-2024-20269 CNVD-2024-43203 BDU:2024-08855 EUVD-2026-9429 GSD-2024-20372 BDU:2024-08891 GSD-2024-20382 cisco-sa-asaftd-ikev2-dos-eBueGdEG EUVD-2026-9478 CVE-2024-20300 BDU:2024-08830 BDU:2024-08834 BDU:2024-10831 CVE-2026-20079 WID-SEC-W-2024-3262 VVD-CESS-2026-20020 TNCVE-2026-20009 GSD-2024-20526 NCSC-2026-0077 CVE-2024-20426 GHSA-fqcq-8xcg-f9hh BDU:2024-10811 cisco-sa-asaftd-aclbypass-dos-CVxVRSvQ GHSA-9hgq-rrv7-j79j BDU:2024-08567 cisco-sa-asa-ftd-priv-esc-hBS9gnwq BDU:2024-08566 GHSA-3r4j-q266-j9h3 TNCVE-2026-20105 CNVD-2025-05985 CISCO-SA-ASA-SSH-DOS-EEDWU5RM VVD-CESS-2026-20049 EUVD-2026-9442 GHSA-9688-r3h2-vvjq BDU:2024-08598 GSD-2024-20340 cisco-sa-asaftd-cmd-inj-ZJV8Wysm GHSA-f74q-99mf-mmj8 GHSA-f3x2-jxv4-r583 GSD-2024-20299 CISCO-SA-ASA-VPN-4GYEWMKG EUVD-2026-9455 cisco-sa-fmc-cmd-inject-S9ZM4EJf GHSA-x463-pc3r-q5g5 EUVD-2026-9444 GSD-2024-20481 GHSA-jwpj-m256-82wg GSD-2024-20431 GSD-2024-20275 CISCO-SA-FMC-CMD-INJ-2HBKA97G cisco-sa-fmc-priv-esc-CMQ4S6m7 WID-SEC-W-2024-3269 GHSA-f928-7mj9-m8wx CVE-2024-20342 GHSA-ch3j-whf9-3xp2 CISCO-SA-ASA-SSH-KEYBYPASS-CR5XPUSF cisco-sa-asaftd-persist-rce-FLsNXF4h cisco-sa-fmc-cmd-inj-v3AWDqN7 CISCO-SA-FMC-HTML-INJ-NFJEYHXZ EUVD-2026-9457 GHSA-w6gx-j65f-mmx4 CNVD-2024-43202 GSD-2024-20386 BDU:2024-08896 cisco-sa-fmc-xss-infodisc-RL4mJFer CISCO-SA-FMC-PRIV-ESC-CMQ4S6M7 TNCVE-2026-20039 GSD-2024-20353 GHSA-f3vw-6vxw-fwf4 GSD-2024-20298 CNVD-2024-43206 CNVD-2024-44489 GSD-2024-20274 GSD-2024-20471 GHSA-jr5q-32rg-gcqq CVE-2024-20273 CNVD-2024-43207 cisco-sa-asaftdvirtual-dos-MuenGnYR BDU:2024-10826 GHSA-6vh9-9qf6-mvjj VVD-CESS-2026-20024 GHSA-jrcg-6c8x-ff3h GSD-2024-20370 CERTFR-2024-ALE-007 CNVD-2024-44492 GHSA-hvrr-v8q8-3r9q EUVD-2024-18196 GHSA-4qrp-r28g-j2vf cisco-sa-asa-ssh-dos-eEDWu5RM CISCO-SA-ASAFTD-SAML-LKTTRWZP GSD-2024-20472 GHSA-f7qm-mcg6-fhvg GSD-2024-20331 CVE-2024-20526 EUVD-2026-9428 VVD-CESS-2026-20025 GHSA-vrw4-xqvw-j7j7 cisco-sa-asa-vpn-cZf8gT CNVD-2024-43209 CVE-2024-20408 VVD-CESS-2026-20039 TNCVE-2026-20103 ESB-2026.3677 VVD-CESS-2026-20131 CVE-2024-20330 TNCVE-2026-20101 GHSA-pvq2-4ff4-p9w6 GHSA-4wgv-wwff-cw37 VVD-CESS-2026-20064 NCSC-2024-0424 BDU:2024-11140 GHSA-p6rg-m225-p79c EUVD-2026-9436 cisco-sa-asaftd-esp-dos-uv7yD8P5 GHSA-x599-6m8q-75qp GHSA-hf42-4qwp-gc9r EUVD-2026-9483 GHSA-6grm-m6x5-4cvx CISCO-SA-FMC-CMD-INJ-G8AOKNDP GHSA-5xm6-h565-q6mc BDU:2024-10814 VVD-CESS-2026-20062 cisco-sa-ftd-snort-bypass-rLggKzVF CISCO-SA-ASAFTD-VPN-M9SX6MBC EUVD-2026-9437 VVD-CESS-2026-20102 CVE-2024-20485 GHSA-cp3f-3wc5-j85w CISCO-SA-SNORT-RF-BYPASS-OY8F3PNM cisco-sa-asa-scpcxt-filecpy-rgeP73nE VVD-ANCHORE-2026-20031 cisco-sa-asaftd-vpn-dos-SpOFF2Re CISCO-SA-FTD-CMD-INJ-MTZGZEXF GHSA-8pv3-xhwv-wgg4 EUVD-2026-9424 CISCO-SA-ASAFTD-DESYNC-N5AVZEQW EUVD-2026-9456 VVD-CESS-2026-20017 BDU:2024-08856 CISCO-SA-FMC-SQL-INJ-LOYAFCFQ GHSA-99cr-qjpc-34g3 EUVD-2026-9438 cisco-sa-asaftd-webvpn-dos-hOnB9pH4 BDU:2024-03265 EUVD-2026-9470 EUVD-2026-9472 CNVD-2024-44490 GHSA-6jcc-w84h-p298 GHSA-8vhw-wjxq-h782 GHSA-4j6q-qq58-w4v4 GSD-2024-20409 VVD-NCSC-2024-424 BDU:2024-10839 CISCO-SA-FTD-GEOIP-BYPASS-MB4ZRDU GHSA-hm6q-48c6-p943 EUVD-2026-9435 cisco-sa-fmc-sql-inject-2EnmTC8v VVD-CESS-2026-20014 VVD-CESS-2026-20013 EUVD-2026-9469 GHSA-hwhr-j2m2-9887 GHSA-69cj-c8c5-j9xj EUVD-2026-9481 BDU:2024-10828 CVE-2024-20495 BDU:2024-08838 EUVD-2026-9471 VVD-CESS-2026-20106 VVD-CESS-2026-20079 CVE-2024-20297 CVE-2024-20353 VVD-CESS-2026-20063 GHSA-3j6m-cq99-v646 CVE-2024-20494 CNVD-2024-43205 CVE-2024-20382 GHSA-gvjq-f8m6-m457 cisco-sa-fmc-html-inj-nfJeYHxz EUVD-2026-9454 EUVD-2026-9468 CVE-2024-20379 VVD-NCSC-2026-76 GSD-2024-20415 GSD-2024-20379 GHSA-pj9f-9jr9-4wm7 cisco-sa-fmc-sql-inj-LOYAFcfq GHSA-x2pv-vmm7-rhwr VVD-CESS-2026-20052 BDU:2024-08854 CVE-2024-20331 BDU:2024-08889 WID-SEC-W-2024-3261 CVE-2024-20359 GHSA-2cx5-9j54-v8vq TNCVE-2026-20050 GHSA-mh5f-h37q-2qm8 BDU:2024-10833 CVE-2024-20481 cisco-sa-fmc-cmd-inj-g8AOKnDP cisco-sa-asaftd-ikev2-dos-9FgEyHsF BDU:2024-10838 TNCVE-2026-20049 BDU:2024-11132 BDU:2024-08881 EUVD-2026-9440 VVD-CESS-2026-20100 CVE-2024-20386 CVE-2024-20431 VVD-CESS-2026-20002 cisco-sa-fmc-cmd-inj-2HBkA97G CVE-2024-20415 CVE-2024-20473 BDU:2024-08837 CISCO-SA-FMC-SQL-INJECTION-2QH6CCJD CVE-2024-20268 GHSA-hr33-3275-hjcv GHSA-c9c2-73hm-242h cisco-sa-asaftd-webvpn-xss-uwjc4HR CVE-2024-20370 EUVD-2026-9432 TNCVE-2026-20013 GHSA-9pj9-8qr7-5x38 cisco-sa-snort-bypass-PTry37fX BDU:2024-08841 cisco-sa-asaftd-vpn-m9sx6MbC GHSA-r229-mj76-g2qx

References

advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON