CVE-2016-1463 Information

Description

Cisco FireSIGHT System Software 5.3.0 5.3.1 5.4.0 6.0 and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet aka Bug ID CSCuz20737.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight http://www.securityfocus.com/bid/92152 http://www.securitytracker.com/id/1036471

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

7.5