CVE-2015-6374
Cisco Firepower Extensible Operating System 1.1(1.160) - Clickjacking via IFRAME Element
Title source: llmDescription
The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower4
Scores
EPSS
0.0084
EPSS Percentile
53.5%
Details
CWE
CWE-20
Status
published
Products (1)
cisco/firepower_extensible_operating_system
1.1\(1.160\)
Published
Nov 19, 2015
Tracked Since
Feb 18, 2026