Lucene search
CiscoCVE-2016-6417HistoryOct 05, 2016 - 5:59 p.m.
CVE-2016-6417
2016-10-0517:59:06
CWE-352
cisco
web.nvd.nist.gov
24
cve-2016-6417
csrf
cisco
firesight system software
vulnerability
remote attackers
authentication
nvd
bug id cscva21636
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.002
Percentile
52.2%
Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCva21636.
Affected configurations
Node
ciscofiresight_system_softwareMatch4.10.2
ORciscofiresight_system_softwareMatch4.10.2.1
ORciscofiresight_system_softwareMatch4.10.2.2
ORciscofiresight_system_softwareMatch4.10.2.3
ORciscofiresight_system_softwareMatch4.10.2.4
ORciscofiresight_system_softwareMatch4.10.2.5
ORciscofiresight_system_softwareMatch4.10.3
ORciscofiresight_system_softwareMatch4.10.3.1
ORciscofiresight_system_softwareMatch4.10.3.2
ORciscofiresight_system_softwareMatch4.10.3.3
ORciscofiresight_system_softwareMatch4.10.3.4
ORciscofiresight_system_softwareMatch4.10.3.5
ORciscofiresight_system_softwareMatch4.10.3.6
ORciscofiresight_system_softwareMatch4.10.3.7
ORciscofiresight_system_softwareMatch4.10.3.8
ORciscofiresight_system_softwareMatch4.10.3.9
ORciscofiresight_system_softwareMatch4.10.3.10
ORciscofiresight_system_softwareMatch5.1.0
ORciscofiresight_system_softwareMatch5.1.0.1
ORciscofiresight_system_softwareMatch5.1.0.2
ORciscofiresight_system_softwareMatch5.1.0.3
ORciscofiresight_system_softwareMatch5.1.1
ORciscofiresight_system_softwareMatch5.1.1.1
ORciscofiresight_system_softwareMatch5.1.1.2
ORciscofiresight_system_softwareMatch5.1.1.3
ORciscofiresight_system_softwareMatch5.1.1.4
ORciscofiresight_system_softwareMatch5.1.1.5
ORciscofiresight_system_softwareMatch5.1.1.6
ORciscofiresight_system_softwareMatch5.1.1.8
ORciscofiresight_system_softwareMatch5.1.1.9
ORciscofiresight_system_softwareMatch5.1.1.10
ORciscofiresight_system_softwareMatch5.1.1.11
ORciscofiresight_system_softwareMatch5.2.0
ORciscofiresight_system_softwareMatch5.2.0.1
ORciscofiresight_system_softwareMatch5.2.0.2
ORciscofiresight_system_softwareMatch5.2.0.3
ORciscofiresight_system_softwareMatch5.2.0.4
ORciscofiresight_system_softwareMatch5.2.0.5
ORciscofiresight_system_softwareMatch5.2.0.6
ORciscofiresight_system_softwareMatch5.2.0.8
ORciscofiresight_system_softwareMatch5.3.0
ORciscofiresight_system_softwareMatch5.3.0.1
ORciscofiresight_system_softwareMatch5.3.0.2
ORciscofiresight_system_softwareMatch5.3.0.3
ORciscofiresight_system_softwareMatch5.3.0.4
ORciscofiresight_system_softwareMatch5.3.0.5
ORciscofiresight_system_softwareMatch5.3.0.6
ORciscofiresight_system_softwareMatch5.3.0.7
ORciscofiresight_system_softwareMatch5.3.1
ORciscofiresight_system_softwareMatch5.3.1.1
ORciscofiresight_system_softwareMatch5.3.1.2
ORciscofiresight_system_softwareMatch5.3.1.3
ORciscofiresight_system_softwareMatch5.3.1.4
ORciscofiresight_system_softwareMatch5.3.1.5
ORciscofiresight_system_softwareMatch5.3.1.7
ORciscofiresight_system_softwareMatch5.4.0
ORciscofiresight_system_softwareMatch5.4.0.1
ORciscofiresight_system_softwareMatch5.4.0.2
ORciscofiresight_system_softwareMatch5.4.0.3
ORciscofiresight_system_softwareMatch5.4.0.4
ORciscofiresight_system_softwareMatch5.4.0.5
ORciscofiresight_system_softwareMatch5.4.0.6
ORciscofiresight_system_softwareMatch5.4.1
ORciscofiresight_system_softwareMatch5.4.1.2
ORciscofiresight_system_softwareMatch5.4.1.3
ORciscofiresight_system_softwareMatch5.4.1.4
ORciscofiresight_system_softwareMatch6.0.0
ORciscofiresight_system_softwareMatch6.0.0.1
ORciscofiresight_system_softwareMatch6.0.1
ORciscofiresight_system_softwareMatch6.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | firesight_system_software | 4.10.2 | cpe:2.3:a:cisco:firesight_system_software:4.10.2:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.2.1 | cpe:2.3:a:cisco:firesight_system_software:4.10.2.1:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.2.2 | cpe:2.3:a:cisco:firesight_system_software:4.10.2.2:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.2.3 | cpe:2.3:a:cisco:firesight_system_software:4.10.2.3:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.2.4 | cpe:2.3:a:cisco:firesight_system_software:4.10.2.4:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.2.5 | cpe:2.3:a:cisco:firesight_system_software:4.10.2.5:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.3 | cpe:2.3:a:cisco:firesight_system_software:4.10.3:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.3.1 | cpe:2.3:a:cisco:firesight_system_software:4.10.3.1:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.3.2 | cpe:2.3:a:cisco:firesight_system_software:4.10.3.2:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 4.10.3.3 | cpe:2.3:a:cisco:firesight_system_software:4.10.3.3:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2016-6417
2016-10-05 17:00:00
prion
prion
Cross site request forgery (csrf)
2016-10-05 17:59:00
openvas
openvas
cisco
cisco
nvd
nvd
CVE-2016-6417
2016-10-05 17:59:06
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.002
Percentile
52.2%
Related for CVE-2016-6417