High severity8.8NVD Advisory· Published Oct 6, 2016· Updated May 6, 2026
CVE-2016-6433
CVE-2016-6433
Description
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.
Affected products
20cpe:2.3:a:cisco:secure_firewall_management_center:5.2.0:*:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:cisco:secure_firewall_management_center:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.3.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:5.4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_firewall_management_center:6.0.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- packetstormsecurity.com/files/140467/Cisco-Firepower-Management-Console-6.0-Post-Authentication-UserAdd.htmlnvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmcnvdVendor Advisory
- www.securityfocus.com/bid/93414nvdThird Party AdvisoryVDB Entry
- blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunkingnvdThird Party Advisory
- www.exploit-db.com/exploits/40463/nvdThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/41041/nvdThird Party AdvisoryVDB Entry
- www.korelogic.com/Resources/Advisories/KL-001-2016-007.txtnvdThird Party Advisory
News mentions
0No linked articles in our index yet.