Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-1457

Опубликовано: 18 авг. 2016
Источник: nvd
CVSS3: 8.8
CVSS2: 9
EPSS Низкий

Описание

The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 allows remote authenticated users to execute arbitrary commands as root via crafted HTTP requests, aka Bug ID CSCur25513.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:secure_firewall_management_center:4.10.3.9:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:5.3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:5.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 59%
0.00374
Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

github логотип

GHSA-g3rq-2957-28ch

CVSS3: 8.8
github
больше 3 лет назад

The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 allows remote authenticated users to execute arbitrary commands as root via crafted HTTP requests, aka Bug ID CSCur25513.

EPSS

Процентиль: 59%
0.00374
Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-264