CVE-2016-6396 — Vulnetix

CVE-2016-6396 PUBLISHED CVSS 5 MEDIUM

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482.

EPSS 0.43% · 63.1th percentile

Risk Scores

CVSS 2.0

EPSS Score

0.43%

63.1th percentile

Affected Products

Vendor	Product	Versions
cisco	firesight_system_software	5.3.1.4, 5.1.0, 5.1.0.1
n/a	n/a	n/a

Exploit Intelligence

92826 (circl)
1036756 (circl)
20160907 Cisco Firepower Management Center and FireSIGHT System Software Malware Bypass Vulnerability (cve.org)

Timeline

Sep 7, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

92826 vdb
1036756 vdb
20160907 Cisco Firepower Management Center and FireSIGHT System Software Malware Bypass Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2016-6396 advisory

Open in Interactive Console →