CVE-2015-6380
Cisco Firepower Extensible OS 1.1(1.160) Authenticated Command Injection via Web Interface
Title source: llmDescription
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via crafted parameters, aka Bug ID CSCux10622.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-fire
Scores
EPSS
0.0114
EPSS Percentile
62.7%
Details
CWE
CWE-78
Status
published
Products (1)
cisco/firepower_extensible_operating_system
1.1\(1.160\)
Published
Nov 24, 2015
Tracked Since
Feb 18, 2026