Input validation error in Cisco FireSIGHT - CVE-2016-6396
Published: September 12, 2016 / Updated: September 13, 2016
Vulnerability identifier: #VU410
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-6396
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco FireSIGHT
Cisco FireSIGHT
Detailed vulnerability description
The vulnerability allows a remote user to bypass malicious files detection on the target system.
The weakness is caused by incorrect validation of HTTP headers. Specially crafted HTTP header values sent by attacker can be used to bypass malware detection and blocking features on the target system.
Successful exploitation of this vulnerability may allow a remote user to bypass security mechanism on the vulnerable system.
The weakness is caused by incorrect validation of HTTP headers. Specially crafted HTTP header values sent by attacker can be used to bypass malware detection and blocking features on the target system.
Successful exploitation of this vulnerability may allow a remote user to bypass security mechanism on the vulnerable system.
How to mitigate CVE-2016-6396
Update to 6.1