Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2016-6394 to a friend New vulnerability? New tool? Tell us	CVE-2016-6394 Cisco Firesight System Software 5.2.0 Remote Code Execution Vulnerability     Credit: The original article can be found at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160907-fsmc Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2016-6394 Details Check for CVE-2016-6394 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * Cisco Firesight System Software 5.2.0  * Cisco Firesight System Software 5.2.0.1  * Cisco Firesight System Software 5.2.0.2  * Cisco Firesight System Software 5.2.0.3  * Cisco Firesight System Software 5.2.0.4  * Cisco Firesight System Software 5.2.0.5  * Cisco Firesight System Software 5.2.0.6  * Cisco Firesight System Software 5.2.0.8  * Cisco Firesight System Software 5.3.0  * Cisco Firesight System Software 5.3.0.1  * Cisco Firesight System Software 5.3.0.2  * Cisco Firesight System Software 5.3.0.3  * Cisco Firesight System Software 5.3.0.4  * Cisco Firesight System Software 5.3.0.5  * Cisco Firesight System Software 5.3.0.6  * Cisco Firesight System Software 5.3.0.7  * Cisco Firesight System Software 5.3.1  * Cisco Firesight System Software 5.3.1.1  * Cisco Firesight System Software 5.3.1.2  * Cisco Firesight System Software 5.3.1.3  * Cisco Firesight System Software 5.3.1.4  * Cisco Firesight System Software 5.3.1.5  * Cisco Firesight System Software 5.3.1.7  * Cisco Firesight System Software 5.4.0  * Cisco Firesight System Software 5.4.0.1  * Cisco Firesight System Software 5.4.0.2  * Cisco Firesight System Software 5.4.0.3  * Cisco Firesight System Software 5.4.0.4  * Cisco Firesight System Software 5.4.0.5  * Cisco Firesight System Software 5.4.0.6  * Cisco Firesight System Software 5.4.1  * Cisco Firesight System Software 5.4.1.2  * Cisco Firesight System Software 5.4.1.3  * Cisco Firesight System Software 5.4.1.4  * Cisco Firesight System Software 6.0.0  * Cisco Firesight System Software 6.0.0.1  * Cisco Firesight System Software 6.0.1  * Cisco Firesight System Software 6.1.0 A vulnerability in session identification management functionality of the web-based management interface for Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to hijack a valid user session. The vulnerability exists because the affected application does not assign a new session identifier to a user session when a user authenticates to the application. An attacker could exploit this vulnerability by using a hijacked session identifier to connect to the application through the web-based management interface. A successful exploit could allow the attacker to hijack an authenticated user s browser session. CVE Information: CVE-2016-6394 Disclosure Timeline: Publish Date : 2016-09-12 Last Update Date : 2016-09-12  Comments on CVE-2016-6394:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2017 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®