CVE-2016-1463
Published Jul 28, 2016
Last updated 7 years ago
Overview
- Description
- Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1049BCE-4A7B-4636-9090-17724D5AFBA4"
},
{
"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BEF2B98-243F-4796-A98C-A978C4CCAD91"
},
{
"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EB13B96-D431-49BD-ADAB-9AE5DB559935"
},
{
"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91"
},
{
"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D"
}
],
"operator": "OR"
}
]
}
]