CVE-2016-9193

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
ciscofiresight_system_software
6.0.0
ciscofiresight_system_software
6.0.0.0
ciscofiresight_system_software
6.0.0.1
ciscofiresight_system_software
6.0.1
ciscofiresight_system_software
6.0.1.1
ciscofiresight_system_software
6.1.0
ciscosecure_firewall_management_center
6.0.0
ciscosecure_firewall_management_center
6.0.0.0
ciscosecure_firewall_management_center
6.0.0.1
ciscosecure_firewall_management_center
6.0.1
ciscosecure_firewall_management_center
6.0.1.1
ciscosecure_firewall_management_center
6.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/94801
http://www.securitytracker.com/id/1037421
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower
http://www.securityfocus.com/bid/94801
http://www.securitytracker.com/id/1037421
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower