Vulnslist

find the latest Cisco vulnerabilities

Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software Detection Bypass Vulnerability

cisco-sa-20161207-firepower · Medium · Published · Updated

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to the incorrect handling of duplicate downloads of malware files. An attacker could exploit this vulnerability by sending an attempt to download a file that contains malware to an affected system. A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2016-9193
Cisco Bug IDsCSCvb27494
CVSS ScoreBase 5.0
Base 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:OF/RC:C
Product Names From Source
Cisco Firepower System Software, Cisco Firepower Management Center 6.0.0, Cisco Firepower Management Center 6.0.1, Cisco Firepower Management Center 6.0.0.1, Cisco Firepower Management Center 6.0.0.0, Cisco Firepower Management Center 6.0.1.1, Cisco Firepower Management Center 6.1.0, Cisco Secure Firewall Management Center (FMC), Cisco Firepower Management Center

Related Products

Product CVE Evidence
Cisco Secure Firewall Management Center (FMC) CVE-2016-9193 Cisco OpenVuln
Cisco Firepower System Software CVE-2016-9193 Cisco OpenVuln
Cisco Firepower Management Center CVE-2016-9193 Cisco OpenVuln