CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2016-6439
https://notcve.org/view.php?id=CVE-2016-6439
A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper handling of an HTTP packet stream. An attacker could exploit this vulnerability by sending a crafted HTTP packet stream to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Una vulnerabilidad en el reensamblaje del motor de detección de paquetes HTTP para Cisco Firepower System Software en versiones anteriores a 6.0.1 podría permitir a un atacante remoto no autenticado provocar una condición de denegación de servicio (DoS) debido al reinicio inesperado del proceso Snort. • http://www.securityfocus.com/bid/93787 http://www.securitytracker.com/id/1037061 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort • CWE-399: Resource Management Errors •
CVSS: 9.0EPSS: 28%CPEs: 20EXPL: 2CVE-2016-6433 – Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution
https://notcve.org/view.php?id=CVE-2016-6433
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872. El Threat Management Console en Cisco Firepower Management Center 5.2.0 hasta la versión 6.0.1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través de parámetros de aplicación web manipulados, vulnerabilidad también conocida como Bug ID CSCva30872. Cisco Firepower Threat Management Console suffers from a remote command execution vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected. • https://www.exploit-db.com/exploits/40463 https://www.exploit-db.com/exploits/41041 http://packetstormsecurity.com/files/140467/Cisco-Firepower-Management-Console-6.0-Post-Authentication-UserAdd.html http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc http://www.securityfocus.com/bid/93414 https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking https://www.korelogic.com/Resources/Advisories/KL-001-2016-007.txt • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-6419
https://notcve.org/view.php?id=CVE-2016-6419
SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485. Vulnerabilidad de inyección SQL en Cisco Firepower Management Center 4.10.3 hasta la versión 5.4.0 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de vectores no especificados, vulnerabilidad también conocida como Bug ID CSCur25485. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-fpmc http://www.securityfocus.com/bid/93206 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2016-6365
https://notcve.org/view.php?id=CVE-2016-6365
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518. Vulnerabilidad XSS en Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1 y 5.4.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados, también conocido como Bug IDs CSCur25508 y CSCur25518. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-firepowermc http://www.securityfocus.com/bid/92510 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2016-1457
https://notcve.org/view.php?id=CVE-2016-1457
The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 allows remote authenticated users to execute arbitrary commands as root via crafted HTTP requests, aka Bug ID CSCur25513. La GUI basada en web en Cisco Firepower Management Center 4.x y 5.x en versiones anteriores a 5.3.1.2 y 5.4.x en versiones anteriores a 5.4.0.1 y Cisco Adaptive Security Appliance (ASA) Software en dispositivos 5500-X con FirePOWER Services 4.x y 5.x en versiones anteriores a 5.3.1.2 y 5.4.x en versiones anteriores a 5.4.0.1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios como root a través de peticiones HTTP manipuladas, también conocido como Bug ID CSCur25513. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-fmc http://www.securityfocus.com/bid/92509 http://www.securitytracker.com/id/1036642 • CWE-264: Permissions, Privileges, and Access Controls •