CVE-2016-9193

HIGH

Cisco Firepower Management Center and FireSIGHT System Software - Malware Detection Bypass via File Policy

Title source: llm
STIX 2.1

Description

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94801
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037421

Scores

CVSS v3 7.5
EPSS 0.0196
EPSS Percentile 77.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (13)
cisco/firesight_system_software 6.0.0
cisco/firesight_system_software 6.0.0.0
cisco/firesight_system_software 6.0.0.1
cisco/firesight_system_software 6.0.1
cisco/firesight_system_software 6.0.1.1
cisco/firesight_system_software 6.1.0
cisco/secure_firewall_management_center 6.0.0
cisco/secure_firewall_management_center 6.0.0.0
cisco/secure_firewall_management_center 6.0.0.1
cisco/secure_firewall_management_center 6.0.1
... and 3 more
Published Dec 14, 2016
Tracked Since Feb 18, 2026