What is CVE-2016-9193?

CVE-2016-9193 is a high-severity vulnerability in Cisco Firesight_system_software, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2016-12-14.

How severe is CVE-2016-9193?

High severity. CVSS v3 base score is 7.5 out of 10.

Improper input validation in Cisco Firesight_system_software

CVE-2016-9193

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an aff…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.004 (60.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.

Affected products

Cisco Firesight_system_software — versions 6.0.0, 6.0.0.0, 6.0.0.1
Cisco Secure_firewall_management_center — versions 6.0.0, 6.0.0.0, 6.0.0.1
N/a Cisco Firesight — versions Cisco FireSIGHT

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
94801 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
1037421 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2016-9193?: CVE-2016-9193 is a high-severity vulnerability in Cisco Firesight_system_software, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2016-12-14.
How severe is CVE-2016-9193?: High severity. CVSS v3 base score is 7.5 out of 10.