Unauthenticated File Access Vulnerability in Cisco Firepower 9000 Devices
CVE-2015-6368

Currently unrated

Key Information:

Vendor: Cisco
Status: Firepower Extensible Operating System
Vendor: CVE Published:; 19 November 2015

What is CVE-2015-6368?

The Cisco Firepower Extensible Operating System before version 1.1(1.160) on Firepower 9000 devices is susceptible to a vulnerability that allows remote attackers to read sensitive files through crafted HTTP requests. This weakness enables unauthorized access, which could potentially lead to further exploitation or information disclosure. Users are encouraged to apply the latest updates from Cisco to mitigate this risk.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 19, 2015
Vulnerability Reserved
Aug 17, 2015