Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-6396

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482.

Published

2016-09-12T10:59:09.523

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 5.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-20
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application cisco firesight_system_software 5.1.0 Yes
Application cisco firesight_system_software 5.1.0.1 Yes
Application cisco firesight_system_software 5.1.0.2 Yes
Application cisco firesight_system_software 5.1.0.3 Yes
Application cisco firesight_system_software 5.1.1 Yes
Application cisco firesight_system_software 5.1.1.1 Yes
Application cisco firesight_system_software 5.1.1.2 Yes
Application cisco firesight_system_software 5.1.1.3 Yes
Application cisco firesight_system_software 5.1.1.4 Yes
Application cisco firesight_system_software 5.1.1.5 Yes
Application cisco firesight_system_software 5.1.1.6 Yes
Application cisco firesight_system_software 5.1.1.8 Yes
Application cisco firesight_system_software 5.1.1.9 Yes
Application cisco firesight_system_software 5.1.1.10 Yes
Application cisco firesight_system_software 5.1.1.11 Yes
Application cisco firesight_system_software 5.2.0 Yes
Application cisco firesight_system_software 5.2.0.1 Yes
Application cisco firesight_system_software 5.2.0.2 Yes
Application cisco firesight_system_software 5.2.0.3 Yes
Application cisco firesight_system_software 5.2.0.4 Yes
Application cisco firesight_system_software 5.2.0.5 Yes
Application cisco firesight_system_software 5.2.0.6 Yes
Application cisco firesight_system_software 5.2.0.8 Yes
Application cisco firesight_system_software 5.3.0 Yes
Application cisco firesight_system_software 5.3.0.1 Yes
Application cisco firesight_system_software 5.3.0.2 Yes
Application cisco firesight_system_software 5.3.0.3 Yes
Application cisco firesight_system_software 5.3.0.4 Yes
Application cisco firesight_system_software 5.3.0.5 Yes
Application cisco firesight_system_software 5.3.0.6 Yes
Application cisco firesight_system_software 5.3.0.7 Yes
Application cisco firesight_system_software 5.3.1 Yes
Application cisco firesight_system_software 5.3.1.1 Yes
Application cisco firesight_system_software 5.3.1.2 Yes
Application cisco firesight_system_software 5.3.1.3 Yes
Application cisco firesight_system_software 5.3.1.4 Yes
Application cisco firesight_system_software 5.3.1.5 Yes
Application cisco firesight_system_software 5.3.1.7 Yes
Application cisco firesight_system_software 5.4.0 Yes
Application cisco firesight_system_software 5.4.0.1 Yes
Application cisco firesight_system_software 5.4.0.2 Yes
Application cisco firesight_system_software 5.4.0.3 Yes
Application cisco firesight_system_software 5.4.0.4 Yes
Application cisco firesight_system_software 5.4.0.5 Yes
Application cisco firesight_system_software 5.4.0.6 Yes
Application cisco firesight_system_software 5.4.1 Yes
Application cisco firesight_system_software 5.4.1.2 Yes
Application cisco firesight_system_software 5.4.1.3 Yes
Application cisco firesight_system_software 5.4.1.4 Yes
Application cisco firesight_system_software 6.0.0 Yes
Application cisco firesight_system_software 6.0.0.1 Yes
Application cisco firesight_system_software 6.0.1 Yes
References