CVEDB API

Vulnerabilities

Vulnerable Software

Cisco: >> Firepower Extensible Operating System >> 1.1(1.160) Security Vulnerabilities

CVE-2015-6370

The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows local users to execute arbitrary OS commands as root via crafted CLI input, aka Bug ID CSCux10578.

CVSS Score

7.2

EPSS Score

0.003

Published

2015-11-19

CVE-2015-6369

The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531.

CVSS Score

4.9

EPSS Score

0.001

Published

2015-11-19

CVE-2015-6368

Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608.

CVSS Score

5.0

EPSS Score

0.001

Published

2015-11-19

CVE-2015-6373

Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611.

CVSS Score

6.8

EPSS Score

0.001

Published

2015-11-18

CVE-2015-6372

Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614.

CVSS Score

4.3

EPSS Score

0.003

Published

2015-11-18

Page 4

Vulnerabilities

Vulnerable Software

Cisco: >> Firepower Extensible Operating System >> 1.1(1.160) Security Vulnerabilities

Products

Pricing

Contact Us