Medium severity6.5NVD Advisory· Published Oct 6, 2016· Updated May 6, 2026

CVE-2016-6435

Description

The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.

Affected products

Cisco Systems, Inc./Secure Firewall Management Center
cpe:2.3:a:cisco:secure_firewall_management_center:6.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc2nvdVendor Advisory
www.securityfocus.com/bid/93421nvd
blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunkingnvd
www.exploit-db.com/exploits/40464/nvd
www.korelogic.com/Resources/Advisories/KL-001-2016-006.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.044
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000