File Read Vulnerability in Cisco Firepower 9000 Devices
CVE-2015-6371

Currently unrated

Key Information:

Vendor: Cisco
Status: Firepower Extensible Operating System
Vendor: CVE Published:; 19 November 2015

What is CVE-2015-6371?

The vulnerability enables remote authenticated users to exploit certain scripts in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices, allowing them to read arbitrary files through crafted parameters. This poses a serious risk as it could lead to unauthorized access to sensitive information stored on the affected systems. Organizations using Cisco Firepower 9000 devices should promptly review and implement the necessary security patches provided in the Cisco advisory to mitigate this vulnerability.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 19, 2015
Vulnerability Reserved
Aug 17, 2015