CVE-2016-1463

HIGH

Cisco FireSIGHT System Software - Auth Bypass

Title source: llm
STIX 2.1

Description

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036471
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/92152

Scores

CVSS v3 7.5
EPSS 0.0211
EPSS Percentile 79.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (5)
cisco/firesight_system_software 5.3.0
cisco/firesight_system_software 5.3.1
cisco/firesight_system_software 5.4.0
cisco/firesight_system_software 6.0.0
cisco/firesight_system_software 6.0.1
Published Jul 28, 2016
Tracked Since Feb 18, 2026