CVE-2016-1463

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
ciscofiresight_system_software
5.3.0
ciscofiresight_system_software
5.3.1
ciscofiresight_system_software
5.4.0
ciscofiresight_system_software
6.0.0
ciscofiresight_system_software
6.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight
http://www.securityfocus.com/bid/92152
http://www.securitytracker.com/id/1036471
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight
http://www.securityfocus.com/bid/92152
http://www.securitytracker.com/id/1036471