Firesight System Software@6.1.0 Security Vulnerabilities and Issues — Firesight System Software@6.1.0 CVE List

Lucene search

CiscoFiresight System Software6.1.0

8 matches found

CVE•added 2017/08/07 6:29 a.m.•56 views

CVE-2017-6766

A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting traffic on an affected sy...

7.5CVSS7.4AI score0.00151EPSS

CVE•added 2016/12/14 12:59 a.m.•52 views

CVE-2016-9193

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management ...

7.5CVSS7.5AI score0.00383EPSS

CVE•added 2016/03/03 10:59 p.m.•43 views

CVE-2016-1356

Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing differences, aka Bug ID CSCuy41615.

4.3CVSS4.6AI score0.00236EPSS

CVE•added 2016/03/03 3:59 p.m.•38 views

CVE-2016-1355

Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface in Cisco FireSIGHT System Software 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuy41687.

6.1CVSS5.9AI score0.0025EPSS

CVE•added 2016/11/19 3:3 a.m.•36 views

CVE-2016-6460

A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. Cisco Firepower System Softw...

7.5CVSS7.5AI score0.00227EPSS

CVE•added 2016/10/05 5:59 p.m.•35 views

CVE-2016-6417

Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCva21636.

8.8CVSS8.9AI score0.00129EPSS

CVE•added 2016/09/12 10:59 a.m.•34 views

CVE-2016-6394

Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503.

9.1CVSS9AI score0.003EPSS

CVE•added 2016/07/03 1:59 a.m.•33 views

CVE-2016-1394

Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238.

8.6CVSS8.4AI score0.00687EPSS