PT-2016-4811 · Cisco · Cisco Firesight System+1
Published
2016-07-28
·
Updated
2017-09-01
·
CVE-2016-1463
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco FireSIGHT System Software versions 5.3.0 through 6.0.1
Description
The issue allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet.
Recommendations
For versions 5.3.0 through 6.0.1, consider restricting access to the HTTP packet header to minimize the risk of exploitation.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Firesight System
Snort