CVE-2016-1394

EUVD-2016-2493
Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Affected Products (NVD)
VendorProductVersion
ciscofiresight_system_software
6.0.0
ciscofiresight_system_software
6.0.0.1
ciscofiresight_system_software
6.0.1
ciscofiresight_system_software
6.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160629-fp
http://www.securityfocus.com/bid/91503
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160629-fp
http://www.securityfocus.com/bid/91503