CVE-2016-6433
Published Oct 6, 2016
Last updated 4 years ago
Overview
- Description
- The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0163047-0645-4096-BD3D-ED04F7A390AE"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA91B80B-47E6-4318-A4E0-B252BF047F4F"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25106E9B-03C9-49C1-B960-1FE51F1407A2"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D74E804-C9B4-495B-8A43-2164F00616E0"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "682B4681-A905-47EB-A430-2B77CBABC971"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5320FAC0-17A9-4D76-BAB7-1F01AB5E6839"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "919F3A57-3DC2-4F21-9429-86BDD3D1B3AE"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CDDEB8C5-E013-45A6-971D-9534CCEF59C9"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96A193EA-BFB8-4289-BA41-0469E5D04863"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.3.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E23CD722-EAB1-40D5-BB6F-E682A3827E11"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37F94CE2-06F1-4243-867C-E715704017B3"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "934EA245-0699-4777-9DAC-2B48F39E1A7B"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8D4D072-9C68-4884-9A26-53AB894D75AB"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B26A218A-A880-4B61-9467-18B3487472E2"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D14F117C-487B-4CCC-A9DF-2EAD13F5575A"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AB2B7A7-DDE5-4544-9488-345E03B0F49D"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA53E64A-EA9E-4965-BD1C-E7C67968D7D6"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E141B711-C550-4688-AE0F-1425779C5E6E"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:5.4.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88C0DF4B-3CDF-48E4-972A-C3708D86E3A3"
},
{
"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5C15D62-A995-4AEC-BB9C-6CFE3104902D"
}
],
"operator": "OR"
}
]
}
]