Lucene search
+L

51 matches found

OSV
OSV
added 2016/09/24 1:59 a.m.5 views

CVE-2016-6411

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...

7.5CVSS5.8AI score0.00749EPSS
Exploits0References2
CNVD
CNVD
added 2016/09/24 12:0 a.m.4 views

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability (CNVD-2016-08193)

Cisco Firepower Management Center and FireSIGHT System Software are management center software from Cisco USA. A security vulnerability exists in Cisco Firepower Management Center and Cisco FireSIGHT System that allows an attacker to bypass configured SSL inspection rules with a specially crafted...

7.5CVSS6.8AI score0.00749EPSS
Exploits0References1
Cisco
Cisco
added 2016/09/21 4:0 p.m.40 views

Cisco Firepower Management Center and FireSIGHT System Software SSLIinspection Bypass Vulnerability

A vulnerability in SSL inspection for Cisco Firepower Management Center and Cisco FireSIGHT System software could allow an unauthenticated, remote attacker to bypass configured do-not-decrypt rules in the SSL policy rule set. The vulnerability is due to lack of verification of the user input...

5CVSS7.5AI score0.00749EPSS
Exploits0References1
NVD
NVD
added 2016/09/12 10:59 a.m.24 views

CVE-2016-6396

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482...

5.3CVSS5.3AI score0.01244EPSS
Exploits0References3
OSV
OSV
added 2016/09/12 10:59 a.m.7 views

CVE-2016-6395

Cross-site scripting XSS vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz58658...

5.4CVSS5.9AI score0.01104EPSS
Exploits0References3
NVD
NVD
added 2016/09/12 10:59 a.m.18 views

CVE-2016-6394

Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...

9.1CVSS9.1AI score0.01448EPSS
Exploits0References3
OSV
OSV
added 2016/09/12 10:59 a.m.8 views

CVE-2016-6394

Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...

9.1CVSS5.8AI score0.01448EPSS
Exploits0References3
Prion
Prion
added 2016/09/12 10:59 a.m.19 views

Session fixation

Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...

5.8CVSS7.1AI score0.01448EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/09/12 10:0 a.m.50 views

CVE-2016-6394

Cisco Firepower Management Center and FireSIGHT System Software (up to version 6.1.0) suffer a session fixation flaw where the application does not assign a new session identifier after authentication, enabling an attacker to hijack a valid user session. Root cause: insecure session handling in t...

9.1CVSS9AI score0.01448EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/09/12 10:0 a.m.58 views

CVE-2016-6395

Cisco Firepower Management Center and FireSIGHT System Software are affected by CVE-2016-6395; the web-based management interface vulnerability allows remote authenticated users to inject arbitrary script or HTML via a crafted URL (XSS) in versions before 6.1. The issue is associated with Bug ID ...

5.4CVSS5AI score0.01104EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/09/12 10:0 a.m.23 views

CVE-2016-6394

Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...

9.1AI score0.01448EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/09/12 10:0 a.m.29 views

CVE-2016-6396

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482...

5.3AI score0.01244EPSS
Exploits0References3
CNVD
CNVD
added 2016/09/09 12:0 a.m.4 views

Cisco Firepower Management Center and FireSIGHT System Software Session Fixation Vulnerability

Cisco Firepower Management Center and FireSIGHT System Software are management center software from Cisco in the United States. A session fixation vulnerability exists in Cisco Firepower Management Center and FireSIGHT System Software, which allows remote attackers to exploit the vulnerability to...

9.1CVSS6.9AI score0.01448EPSS
Exploits0References1
CNVD
CNVD
added 2016/09/09 12:0 a.m.5 views

Cisco Firepower Management Center and FireSIGHT System Software Cross-Site Scripting Vulnerability

Cisco Firepower Management Center and FireSIGHT System Software are management center software from Cisco in the United States. A cross-site scripting vulnerability in the web-based management interface of Cisco Firepower Management Center and FireSIGHT System Software allows remote attackers to...

5.4CVSS6.2AI score0.01104EPSS
Exploits0References1
Cisco
Cisco
added 2016/09/07 4:0 p.m.63 views

Cisco Firepower Management Center and FireSIGHT System Software Malware Bypass Vulnerability

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to improper input...

5CVSS5.3AI score0.01244EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/07/29 12:0 a.m.20 views

Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability

A vulnerability in Snort rule detection in Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass configured rules that use Snort detection. The vulnerability is due to improper handling of HTTP header parameters. An attacker could exploit this vulnerability by...

7.5CVSS7.6AI score0.02113EPSS
Exploits0References1
Prion
Prion
added 2016/07/28 1:59 a.m.15 views

Design/Logic Flaw

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737...

5CVSS7.2AI score0.02113EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2016/03/21 12:0 a.m.23 views

Cisco FireSIGHT System Software Multiple Vulnerabilities

A vulnerability in credential authentication for valid and invalid username-password pairs for Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to determine a list of valid usernames for an affected device. A vulnerability in the HTTP web-based management interface ...

6.1CVSS5AI score0.00831EPSS
Exploits0References2
CNVD
CNVD
added 2016/03/04 12:0 a.m.7 views

Cisco FireSIGHT System Software HTTP web-based Management Interface Cross-Site Scripting Vulnerability

Cisco FireSIGHT System Software is the United States Cisco Cisco company's set of management center software, which supports the centralized management of the use of FirePOWER Services Cisco ASA and Cisco FirePOWER network security appliances network security and operational functions of the...

6.1CVSS5.9AI score0.00765EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/04 12:0 a.m.8 views

Cisco FireSIGHT System Software Convert Timing Channel Information Disclosure Vulnerability

Cisco FireSIGHT System Software is the United States Cisco Cisco company's set of management center software, which supports the centralized management of the use of FirePOWER Services Cisco ASA and Cisco FirePOWER network security appliances network security and operational functions of the...

4.3CVSS6.8AI score0.00831EPSS
Exploits0References1
Rows per page
Query Builder