CVE-2016-6396

5.3MEDIUM

Key Information:

Vendor: Cisco
Status: Firesight System Software
Vendor: CVE Published:; 12 September 2016

Summary

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482.

References

http://www.securityfocus.com/bid/92826

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1036756

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 12, 2016
Vulnerability Reserved
Jul 26, 2016