7.5
CVE-2016-9193
- EPSS 0.38%
- Veröffentlicht 14.12.2016 00:59:16
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Firesight System Software Version6.0.0
Cisco ≫ Firesight System Software Version6.0.0.0
Cisco ≫ Firesight System Software Version6.0.0.1
Cisco ≫ Firesight System Software Version6.0.1
Cisco ≫ Firesight System Software Version6.0.1.1
Cisco ≫ Firesight System Software Version6.1.0
Cisco ≫ Secure Firewall Management Center Version6.0.0
Cisco ≫ Secure Firewall Management Center Version6.0.0.0
Cisco ≫ Secure Firewall Management Center Version6.0.0.1
Cisco ≫ Secure Firewall Management Center Version6.0.1
Cisco ≫ Secure Firewall Management Center Version6.0.1.1
Cisco ≫ Secure Firewall Management Center Version6.1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.567 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.