CVE-2016-1345

HIGH

Cisco FireSIGHT System Software <6.0.1 - Auth Bypass

Title source: llm
STIX 2.1

Description

Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035437
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035439
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035438

Scores

CVSS v3 7.5
EPSS 0.0140
EPSS Percentile 69.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (23)
cisco/asa_with_firepower_services 5.4.0
cisco/asa_with_firepower_services 5.4.0.1
cisco/asa_with_firepower_services 5.4.0.2
cisco/asa_with_firepower_services 5.4.0.3
cisco/asa_with_firepower_services 5.4.0.4
cisco/asa_with_firepower_services 5.4.0.5
cisco/asa_with_firepower_services 5.4.0.6
cisco/asa_with_firepower_services 6.0.0
cisco/asa_with_firepower_services 6.0.0.1
cisco/firesight_system_software 5.4.0
... and 13 more
Published Apr 01, 2016
Tracked Since Feb 18, 2026