Shodan
Vulnerabilities
Vulnerable Software
Cisco:  >> Secure Firewall Management Center  >> 6.0.1  Security Vulnerabilities
CVE-2016-9193
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.
CVSS Score
7.5
EPSS Score
0.004
Published
2016-12-14
CVE-2016-6439
A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper handling of an HTTP packet stream. An attacker could exploit this vulnerability by sending a crafted HTTP packet stream to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped.
CVSS Score
7.5
EPSS Score
0.002
Published
2016-10-27
CVE-2016-6435
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.
CVSS Score
6.5
EPSS Score
0.55
Published
2016-10-06
CVE-2016-6434
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
CVSS Score
7.8
EPSS Score
0.004
Published
2016-10-06
CVE-2016-6433
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.
CVSS Score
8.8
EPSS Score
0.726
Published
2016-10-06
CVE-2015-6411
Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061.
CVSS Score
5.0
EPSS Score
0.003
Published
2015-12-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved