vendor:
Firepower Threat Management Console
by:
KoreLogic
6.5
CVSS
MEDIUM
Local File Inclusion
73
CWE
Product Name: Firepower Threat Management Console
Affected Version From: Cisco Fire Linux OS 6.0.1 (build 37/build 1213)
Affected Version To:
Patch Exists: YES
Related CWE: CVE-2016-6435
CPE: o:cisco:firepower_threat_management_console
Platforms Tested: Embedded Linux
2016
Cisco Firepower Threat Management Console Local File Inclusion
An authenticated user can access arbitrary files on the local system.
Mitigation:
Properly filter file path requests to prevent unauthorized access.
