What is the severity of CVE-2016-1413?

CVE-2016-1413 has been assigned a CVSS score that indicates a medium severity level.

How do I fix CVE-2016-1413?

To fix CVE-2016-1413, you should update the affected Cisco Firepower Management Center software to the latest patched version.

Who is affected by CVE-2016-1413?

CVE-2016-1413 affects remote authenticated users of Cisco Firepower Management Center versions 5.4.0 to 6.0.0.1.

What type of vulnerability is CVE-2016-1413?

CVE-2016-1413 is a web interface vulnerability that allows remote authenticated users to modify pages using crafted code.

Is there a workaround for CVE-2016-1413?

There are no specific workarounds provided for CVE-2016-1413, but applying the updates is the recommended mitigation.

Vulnerability/
CVE-2016-1413

medium

6.5

CWE

28/5/2016

26/11/2024

CVE-2016-1413: Code Injection

First published: Sat May 28 2016(Updated: )

The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517.

Credit: ykramarz@cisco.com ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Secure Firewall Management Center	=5.4.0
Cisco Secure Firewall Management Center	=5.4.0.2
Cisco Secure Firewall Management Center	=5.4.1
Cisco Secure Firewall Management Center	=5.4.1.1
Cisco Secure Firewall Management Center	=5.4.1.2
Cisco Secure Firewall Management Center	=5.4.1.3
Cisco Secure Firewall Management Center	=5.4.1.4
Cisco Secure Firewall Management Center	=5.4.1.5
Cisco Secure Firewall Management Center	=5.4.1.6
Cisco Secure Firewall Management Center	=6.0.0.1
Cisco Firepower Management Center Software	=5.4.0
Cisco Firepower Management Center Software	=5.4.0.2
Cisco Firepower Management Center Software	=5.4.1
Cisco Firepower Management Center Software	=5.4.1.1
Cisco Firepower Management Center Software	=5.4.1.2
Cisco Firepower Management Center Software	=5.4.1.3
Cisco Firepower Management Center Software	=5.4.1.4
Cisco Firepower Management Center Software	=5.4.1.5
Cisco Firepower Management Center Software	=5.4.1.6
Cisco Firepower Management Center Software	=6.0.0.1

Never miss a vulnerability like this again

Reference Links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc

Frequently Asked Questions

What is the severity of CVE-2016-1413?
CVE-2016-1413 has been assigned a CVSS score that indicates a medium severity level.
How do I fix CVE-2016-1413?
To fix CVE-2016-1413, you should update the affected Cisco Firepower Management Center software to the latest patched version.
Who is affected by CVE-2016-1413?
CVE-2016-1413 affects remote authenticated users of Cisco Firepower Management Center versions 5.4.0 to 6.0.0.1.
What type of vulnerability is CVE-2016-1413?
CVE-2016-1413 is a web interface vulnerability that allows remote authenticated users to modify pages using crafted code.
Is there a workaround for CVE-2016-1413?
There are no specific workarounds provided for CVE-2016-1413, but applying the updates is the recommended mitigation.

agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/references
agent/description
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/author
agent/event
agent/softwarecombine
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco secure firewall management center
version/cisco secure firewall management center/5.4.0
version/cisco secure firewall management center/5.4.0.2
version/cisco secure firewall management center/5.4.1
version/cisco secure firewall management center/5.4.1.1
version/cisco secure firewall management center/5.4.1.2
version/cisco secure firewall management center/5.4.1.3
version/cisco secure firewall management center/5.4.1.4
version/cisco secure firewall management center/5.4.1.5
version/cisco secure firewall management center/5.4.1.6
version/cisco secure firewall management center/6.0.0.1
canonical/cisco firepower management center software
version/cisco firepower management center software/5.4.0
version/cisco firepower management center software/5.4.0.2
version/cisco firepower management center software/5.4.1
version/cisco firepower management center software/5.4.1.1
version/cisco firepower management center software/5.4.1.2
version/cisco firepower management center software/5.4.1.3
version/cisco firepower management center software/5.4.1.4
version/cisco firepower management center software/5.4.1.5
version/cisco firepower management center software/5.4.1.6
version/cisco firepower management center software/6.0.0.1