Test Kennung:	1.3.6.1.4.1.25623.1.0.106302
Kategorie:	CISCO
Titel:	Cisco FireSIGHT System Software Privilege Escalation Vulnerability
Zusammenfassung:	A vulnerability in the web framework of the Cisco Firepower Management Center;running on Cisco FireSIGHT System Software could allow authenticated, remote attackers to elevate privileges;to access data outside their roles.
Beschreibung:	Summary: A vulnerability in the web framework of the Cisco Firepower Management Center running on Cisco FireSIGHT System Software could allow authenticated, remote attackers to elevate privileges to access data outside their roles. Vulnerability Insight: The vulnerability is due to improper authorization checks for authenticated users of the system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected web page. Vulnerability Impact: Successful exploitation could allow attackers to access sensitive information for which they are not authorized by the Firepower Management Center. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6420 BugTraq ID: 93204 http://www.securityfocus.com/bid/93204 Cisco Security Advisory: 20160928 Cisco Firepower Management Center Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-fmc1 http://www.securitytracker.com/id/1036919
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.