CVE-2016-9193
HIGHCisco Firepower Management Center and FireSIGHT System Software - Malware Detection Bypass via File Policy
Title source: llmDescription
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94801
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1037421
Scores
CVSS v3
7.5
EPSS
0.0196
EPSS Percentile
77.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (13)
cisco/firesight_system_software
6.0.0
cisco/firesight_system_software
6.0.0.0
cisco/firesight_system_software
6.0.0.1
cisco/firesight_system_software
6.0.1
cisco/firesight_system_software
6.0.1.1
cisco/firesight_system_software
6.1.0
cisco/secure_firewall_management_center
6.0.0
cisco/secure_firewall_management_center
6.0.0.0
cisco/secure_firewall_management_center
6.0.0.1
cisco/secure_firewall_management_center
6.0.1
... and 3 more
Published
Dec 14, 2016
Tracked Since
Feb 18, 2026