Privilege Escalation Vulnerability in Cisco FireSIGHT System Software
CVE-2016-6420

6.5MEDIUM

Key Information:

Vendor: Cisco
Status: Firesight System Software
Vendor: CVE Published:; 5 October 2016

Summary

Cisco FireSIGHT System Software versions 4.10.3 through 5.4.0 in Firepower Management Center contains a vulnerability that permits remote authenticated users to bypass authorization checks. This flaw can be exploited using a specially crafted HTTP request, allowing attackers to gain elevated privileges within the system, potentially compromising sensitive data and functionalities. Organizations using affected versions should apply available security updates to mitigate risks associated with this vulnerability.