Clickjacking Vulnerability in Cisco Firepower OS on Firepower 9000 Devices
CVE-2015-6374

Currently unrated

Key Information:

Vendor: Cisco
Status: Firepower Extensible Operating System
Vendor: CVE Published:; 19 November 2015

What is CVE-2015-6374?

The web interface of Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices lacks proper restrictions for IFRAME elements. This oversight makes it susceptible to clickjacking attacks, enabling remote attackers to manipulate user interactions through deceitful web interfaces. Consequently, this vulnerability could facilitate other unspecified attacks when users are misled into clicking on malicious content, thereby compromising their security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Nov 19, 2015
Vulnerability Reserved
Aug 17, 2015

JSON

Cisco

What is CVE-2015-6374?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.