CVE-2015-6374

The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604.

Severity	MEDIUM
CVSS	4.3
CWE	CWE-20
KEV
Published	10 years ago
Modified	1 week ago

Related Products

Product	Advisory	Evidence
Firepower Extensible Operating System	cisco-sa-20151117-firepower4	Cisco OpenVuln
Cisco Firepower Extensible Operating System	cisco-sa-20151117-firepower4	Cisco OpenVuln
Cisco Firepower 9000 Series	cisco-sa-20151117-firepower4	Cisco OpenVuln