CVE-2016-6434

HIGH

Cisco Firepower Management Center 6.0.1 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-6434. PoCs published by KoreLogic.

AI-analyzed exploit summary This advisory details a hard-coded MySQL credential vulnerability in Cisco Firepower Threat Management Console, allowing local authentication bypass via the root account with a weak password ('admin'). The MySQL service is only accessible via loopback, limiting remote exploitation.

Description

Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.

Exploits (1)

exploitdb WRITEUP

by KoreLogic · textlocallinux

https://www.exploit-db.com/exploits/40465

View Code ZIP pw:eip

This advisory details a hard-coded MySQL credential vulnerability in Cisco Firepower Threat Management Console, allowing local authentication bypass via the root account with a weak password ('admin'). The MySQL service is only accessible via loopback, limiting remote exploitation.

Classification

Writeup 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Cisco Firepower Threat Management Console (Cisco Fire Linux OS 6.0.1)

No auth needed

Prerequisites: Local access to the affected system

MITRE ATT&CK

T1078 - Valid Accounts T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc1

Various Sources x_refsource_misc

https://www.korelogic.com/Resources/Advisories/KL-001-2016-005.txt

Various Sources x_refsource_misc

https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/93412

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40465/

Scores

CVSS v3 7.8

EPSS 0.0098

EPSS Percentile 57.7%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-287

Status published

Products (1)

cisco/secure_firewall_management_center 6.0.1

Published Oct 06, 2016

Tracked Since Feb 18, 2026