CVE-2016-1463

7.5HIGH

Key Information:

Vendor
Cisco
Status
Firesight System Software
Vendor
CVE Published:
28 July 2016

Summary

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.

References

http://www.securitytracker.com/id/1036471
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/92152
vdb-entryx_refsource_BID
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.