Lucene search

[email protected]CVE-2016-9193

HistoryDec 14, 2016 - 12:59 a.m.

CVE-2016-9193

2016-12-1400:59:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2016-9193

cisco

firepower

management center

firesight

system software

vulnerability

bypass

malware detection

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

52.3%

JSON

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.

CPENameOperatorVersion
cisco:firesight_system_softwarecisco firesight system softwareeq6.1.0
cisco:firepower_management_centercisco firepower management centereq6.0.0.0
cisco:firepower_management_centercisco firepower management centereq6.0.1.1
cisco:firesight_system_softwarecisco firesight system softwareeq6.0.0.0
cisco:firepower_management_centercisco firepower management centereq6.0.1
cisco:firepower_management_centercisco firepower management centereq6.0.0
cisco:firesight_system_softwarecisco firesight system softwareeq6.0.1.1
cisco:firepower_management_centercisco firepower management centereq6.1.0
cisco:firepower_management_centercisco firepower management centereq6.0.0.1
cisco:firesight_system_softwarecisco firesight system softwareeq6.0.0.1

CPE	Name	Operator	Version
cisco:firesight_system_software	cisco firesight system software	eq	6.1.0
cisco:firepower_management_center	cisco firepower management center	eq	6.0.0.0
cisco:firepower_management_center	cisco firepower management center	eq	6.0.1.1
cisco:firesight_system_software	cisco firesight system software	eq	6.0.0.0
cisco:firepower_management_center	cisco firepower management center	eq	6.0.1
cisco:firepower_management_center	cisco firepower management center	eq	6.0.0
cisco:firesight_system_software	cisco firesight system software	eq	6.0.1.1
cisco:firepower_management_center	cisco firepower management center	eq	6.1.0
cisco:firepower_management_center	cisco firepower management center	eq	6.0.0.1
cisco:firesight_system_software	cisco firesight system software	eq	6.0.0.1

Rows per page:

1-10 of 121

References

www.securityfocus.com/bid/94801

www.securitytracker.com/id/1037421

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

52.3%

JSON

Related for CVE-2016-9193

prion1 cvelist1 openvas2 cisco1