Main Vulnerability Database Vulnerabilities #VU627

Security restrictions bypass in Cisco FireSIGHT - CVE-2016-6411

Published: September 22, 2016 / Updated: April 5, 2018

Vulnerability identifier: #VU627

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2016-6411

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Cisco Systems, Inc

Affected software:
Cisco FireSIGHT

Detailed vulnerability description

The vulnerability allows a remote user to bypass security access on the target system.
The weakness exists due to improper input validation. By sending specially crafted HTTP URL attackers can cause parameter validation flaw bypass the SSL inspection policy 'do-not-decrypt' rule.
Successful exploitation of the vulnerability may result in gaining access to the vulnerable system.

How to mitigate CVE-2016-6411

Install update from vendor's website.

Sources

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-fmc

Security restrictions bypass in Cisco FireSIGHT - CVE-2016-6411

Detailed vulnerability description

How to mitigate CVE-2016-6411

Sources

Please verify you're human