7.5
CVE-2016-9193
- EPSS 0.38%
- Published 14.12.2016 00:59:16
- Last modified 12.04.2025 10:46:40
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Firesight System Software Version6.0.0
Cisco ≫ Firesight System Software Version6.0.0.0
Cisco ≫ Firesight System Software Version6.0.0.1
Cisco ≫ Firesight System Software Version6.0.1
Cisco ≫ Firesight System Software Version6.0.1.1
Cisco ≫ Firesight System Software Version6.1.0
Cisco ≫ Secure Firewall Management Center Version6.0.0
Cisco ≫ Secure Firewall Management Center Version6.0.0.0
Cisco ≫ Secure Firewall Management Center Version6.0.0.1
Cisco ≫ Secure Firewall Management Center Version6.0.1
Cisco ≫ Secure Firewall Management Center Version6.0.1.1
Cisco ≫ Secure Firewall Management Center Version6.1.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.567 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.