CVE-2016-6435
Description
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
55.026
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Firepower Management Center Console Local File Inclusion Vulnerability For Cisco Firepower Management Center Virtual Appliance | NCM |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6435) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1705938 | Security Update for Cisco Firepower Management Center Virtual Appliance 6.1.0.1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234