Published: 23/08/2016 Updated: 12/12/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Firepower Management Center

Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco firepower management center 5.3.0
cisco firepower management center 5.2.0
cisco firepower management center 5.4.0
cisco firepower management center 5.3.0.2
cisco firepower management center 5.3.1
cisco firepower management center 4.10.3

A vulnerability in the web framework of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system The vulnerability is due to insufficient input validation for some of the parameters that are passed to an affected web s ...

CWE-79 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-firepowermc http://www.securityfocus.com/bid/92510 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-firepowermc

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-6365

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect