← Back

CVE-2016-6439

nvd nist
Published: Oct 27, 2016Modified: May 6, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper handling of an HTTP packet stream. An attacker could exploit this vulnerability by sending a crafted HTTP packet stream to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped.

Affected (24)

Cisco
1 product
Secure Firewall Management Center
Configuration A
24 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Secure Firewall Management Center
Version 5.3.0.2
Secure Firewall Management Center
Version 5.3.0.3
Secure Firewall Management Center
Version 5.3.0.4
Secure Firewall Management Center
Version 5.3.0
Secure Firewall Management Center
Version 5.3.1.3
Secure Firewall Management Center
Version 5.3.1.4
Secure Firewall Management Center
Version 5.3.1.5
Secure Firewall Management Center
Version 5.3.1.6
Secure Firewall Management Center
Version 5.3.1
Secure Firewall Management Center
Version 5.4.0.2
Secure Firewall Management Center
Version 5.4.0
Secure Firewall Management Center
Version 5.4.1.1
Secure Firewall Management Center
Version 5.4.1.2
Secure Firewall Management Center
Version 5.4.1.3
Secure Firewall Management Center
Version 5.4.1.4
Secure Firewall Management Center
Version 5.4.1.5
Secure Firewall Management Center
Version 5.4.1.6
Secure Firewall Management Center
Version 5.4.1
Secure Firewall Management Center
Version 5.4_base
Secure Firewall Management Center
Version 6.0.0.0
Secure Firewall Management Center
Version 6.0.0.1
Secure Firewall Management Center
Version 6.0.0
Secure Firewall Management Center
Version 6.0.1
Secure Firewall Management Center
Version 6.0_base

Related CWEs

CWE-399
CWE-399

References (6)

Source: psirt@cisco.com
Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.