1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: CVE-2016-6433 Post Authentication UserAdd Vulnerability

Attack: CVE-2016-6433 Post Authentication UserAdd Vulnerability

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

An attacker can exploit this issue to execute arbitrary commands within the context of the affected application.

Additional Information

Cisco Firepower Management Center is prone to a remote command-execution vulnerability. Specifically, this issue occurs because it fails to properly validate user supplied parameters sent to the web application. An attacker can exploit this issue to run arbitrary system commands as the www user account on the server.

An attacker can exploit this issue to execute arbitrary commands within the context of the affected application.

Affected

  • Various Platforms
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube