Описание
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-6434
- https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking
- https://www.exploit-db.com/exploits/40465
- https://www.korelogic.com/Resources/Advisories/KL-001-2016-005.txt
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc1
- http://www.securityfocus.com/bid/93412
Связанные уязвимости
CVSS3: 7.8
nvd
больше 9 лет назад
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.