51 matches found
CVE-2016-6411
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...
Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability (CNVD-2016-08193)
Cisco Firepower Management Center and FireSIGHT System Software are management center software from Cisco USA. A security vulnerability exists in Cisco Firepower Management Center and Cisco FireSIGHT System that allows an attacker to bypass configured SSL inspection rules with a specially crafted...
Cisco Firepower Management Center and FireSIGHT System Software SSLIinspection Bypass Vulnerability
A vulnerability in SSL inspection for Cisco Firepower Management Center and Cisco FireSIGHT System software could allow an unauthenticated, remote attacker to bypass configured do-not-decrypt rules in the SSL policy rule set. The vulnerability is due to lack of verification of the user input...
CVE-2016-6396
Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482...
CVE-2016-6395
Cross-site scripting XSS vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz58658...
CVE-2016-6394
Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...
CVE-2016-6394
Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...
Session fixation
Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...
CVE-2016-6394
Cisco Firepower Management Center and FireSIGHT System Software (up to version 6.1.0) suffer a session fixation flaw where the application does not assign a new session identifier after authentication, enabling an attacker to hijack a valid user session. Root cause: insecure session handling in t...
CVE-2016-6395
Cisco Firepower Management Center and FireSIGHT System Software are affected by CVE-2016-6395; the web-based management interface vulnerability allows remote authenticated users to inject arbitrary script or HTML via a crafted URL (XSS) in versions before 6.1. The issue is associated with Bug ID ...
CVE-2016-6394
Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...
CVE-2016-6396
Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482...
Cisco Firepower Management Center and FireSIGHT System Software Session Fixation Vulnerability
Cisco Firepower Management Center and FireSIGHT System Software are management center software from Cisco in the United States. A session fixation vulnerability exists in Cisco Firepower Management Center and FireSIGHT System Software, which allows remote attackers to exploit the vulnerability to...
Cisco Firepower Management Center and FireSIGHT System Software Cross-Site Scripting Vulnerability
Cisco Firepower Management Center and FireSIGHT System Software are management center software from Cisco in the United States. A cross-site scripting vulnerability in the web-based management interface of Cisco Firepower Management Center and FireSIGHT System Software allows remote attackers to...
Cisco Firepower Management Center and FireSIGHT System Software Malware Bypass Vulnerability
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to improper input...
Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability
A vulnerability in Snort rule detection in Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass configured rules that use Snort detection. The vulnerability is due to improper handling of HTTP header parameters. An attacker could exploit this vulnerability by...
Design/Logic Flaw
Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737...
Cisco FireSIGHT System Software Multiple Vulnerabilities
A vulnerability in credential authentication for valid and invalid username-password pairs for Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to determine a list of valid usernames for an affected device. A vulnerability in the HTTP web-based management interface ...
Cisco FireSIGHT System Software HTTP web-based Management Interface Cross-Site Scripting Vulnerability
Cisco FireSIGHT System Software is the United States Cisco Cisco company's set of management center software, which supports the centralized management of the use of FirePOWER Services Cisco ASA and Cisco FirePOWER network security appliances network security and operational functions of the...
Cisco FireSIGHT System Software Convert Timing Channel Information Disclosure Vulnerability
Cisco FireSIGHT System Software is the United States Cisco Cisco company's set of management center software, which supports the centralized management of the use of FirePOWER Services Cisco ASA and Cisco FirePOWER network security appliances network security and operational functions of the...