ID de Prueba:	1.3.6.1.4.1.25623.1.0.106302
Categoría:	CISCO
Título:	Cisco FireSIGHT System Software Privilege Escalation Vulnerability
Resumen:	A vulnerability in the web framework of the Cisco Firepower Management Center;running on Cisco FireSIGHT System Software could allow authenticated, remote attackers to elevate privileges;to access data outside their roles.
Descripción:	Summary: A vulnerability in the web framework of the Cisco Firepower Management Center running on Cisco FireSIGHT System Software could allow authenticated, remote attackers to elevate privileges to access data outside their roles. Vulnerability Insight: The vulnerability is due to improper authorization checks for authenticated users of the system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected web page. Vulnerability Impact: Successful exploitation could allow attackers to access sensitive information for which they are not authorized by the Firepower Management Center. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6420 BugTraq ID: 93204 http://www.securityfocus.com/bid/93204 Cisco Security Advisory: 20160928 Cisco Firepower Management Center Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-fmc1 http://www.securitytracker.com/id/1036919
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.