Vulnerability Description
A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available. More Information: CSCvb40597. Known Affected Releases: 1.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Fireamp Connector Endpoint Software | 4.4.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94814
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/94814
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2016-6449?
CVE-2016-6449 is a vulnerability with a CVSS score of 7.8 (HIGH). A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP...
How severe is CVE-2016-6449?
CVE-2016-6449 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6449?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Fireamp Connector Endpoint Software.