Description
Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036471
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92152
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight
Scores
CVSS v3
7.5
EPSS
0.0211
EPSS Percentile
79.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (5)
cisco/firesight_system_software
5.3.0
cisco/firesight_system_software
5.3.1
cisco/firesight_system_software
5.4.0
cisco/firesight_system_software
6.0.0
cisco/firesight_system_software
6.0.1
Published
Jul 28, 2016
Tracked Since
Feb 18, 2026