CVE-2016-6396

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482.

Published: Sep 12, 2016
Updated: Nov 9, 2025
CVE: CVE-2016-6396
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / firesight_system_software	5.3.0.1	5.3.0.1.x
cisco / firesight_system_software	5.3.0.2	5.3.0.2.x
cisco / firesight_system_software	5.4.0.2	5.4.0.2.x
cisco / firesight_system_software	5.3.1.5	5.3.1.5.x
cisco / firesight_system_software	5.4.0	5.4.0.x
cisco / firesight_system_software	5.1.0.3	5.1.0.3.x
cisco / firesight_system_software	5.4.0.5	5.4.0.5.x
cisco / firesight_system_software	5.2.0.3	5.2.0.3.x
cisco / firesight_system_software	5.4.1.4	5.4.1.4.x
cisco / firesight_system_software	5.2.0.1	5.2.0.1.x
cisco / firesight_system_software	5.2.0.6	5.2.0.6.x
cisco / firesight_system_software	5.1.1.11	5.1.1.11.x
cisco / firesight_system_software	5.1.1.2	5.1.1.2.x
cisco / firesight_system_software	5.1.1.1	5.1.1.1.x
cisco / firesight_system_software	5.1.1.4	5.1.1.4.x
cisco / firesight_system_software	5.1.1.5	5.1.1.5.x
cisco / firesight_system_software	5.2.0.8	5.2.0.8.x
cisco / firesight_system_software	5.4.1.2	5.4.1.2.x
cisco / firesight_system_software	5.4.1	5.4.1.x
cisco / firesight_system_software	5.1.0.1	5.1.0.1.x
cisco / firesight_system_software	5.1.1.10	5.1.1.10.x
cisco / firesight_system_software	5.4.0.6	5.4.0.6.x
cisco / firesight_system_software	5.3.1.3	5.3.1.3.x
cisco / firesight_system_software	5.1.1.6	5.1.1.6.x
cisco / firesight_system_software	5.3.0.5	5.3.0.5.x
cisco / firesight_system_software	5.1.1	5.1.1.x
cisco / firesight_system_software	5.2.0	5.2.0.x
cisco / firesight_system_software	5.4.1.3	5.4.1.3.x
cisco / firesight_system_software	5.3.1	5.3.1.x
cisco / firesight_system_software	5.4.0.3	5.4.0.3.x
cisco / firesight_system_software	5.3.0.4	5.3.0.4.x
cisco / firesight_system_software	5.3.0.3	5.3.0.3.x
cisco / firesight_system_software	5.3.1.1	5.3.1.1.x
cisco / firesight_system_software	5.3.1.4	5.3.1.4.x
cisco / firesight_system_software	5.2.0.4	5.2.0.4.x
cisco / firesight_system_software	5.3.1.2	5.3.1.2.x
cisco / firesight_system_software	5.3.0	5.3.0.x
cisco / firesight_system_software	5.1.1.3	5.1.1.3.x
cisco / firesight_system_software	6.0.0.1	6.0.0.1.x
cisco / firesight_system_software	5.1.1.9	5.1.1.9.x
cisco / firesight_system_software	5.2.0.2	5.2.0.2.x
cisco / firesight_system_software	6.0.0	6.0.0.x
cisco / firesight_system_software	5.1.0	5.1.0.x
cisco / firesight_system_software	5.1.0.2	5.1.0.2.x
cisco / firesight_system_software	5.3.0.6	5.3.0.6.x
cisco / firesight_system_software	5.3.0.7	5.3.0.7.x
cisco / firesight_system_software	6.0.1	6.0.1.x
cisco / firesight_system_software	5.1.1.8	5.1.1.8.x
cisco / firesight_system_software	5.4.0.4	5.4.0.4.x
cisco / firesight_system_software	5.4.0.1	5.4.0.1.x
cisco / firesight_system_software	5.2.0.5	5.2.0.5.x
cisco / firesight_system_software	5.3.1.7	5.3.1.7.x

Vulnerability Database

308,379

CVE-2016-6396

Deep Security Visibility Without the Complexity