PT-2016-6871 · Cisco · Cisco Firepower Management Center+1

Publicado

2016-09-12

·

Atualizado

2016-11-28

·

CVE-2016-6395

CVSS v3.1

5.4

Média

VetorAV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Cisco Firepower Management Center versions prior to 6.1 Cisco FireSIGHT System Software versions prior to 6.1
Description A cross-site scripting (XSS) issue exists in the web-based management interface, allowing remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Recommendations For Cisco Firepower Management Center versions prior to 6.1, update to version 6.1 or later. For Cisco FireSIGHT System Software versions prior to 6.1, update to version 6.1 or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2016-6395

Produtos afetados

Cisco Firesight System
Cisco Firepower Management Center