CVE-2016-6419

NONE

7.5CVSS v3

6.0CVSS v2

0.54% EPSS (exploit probability)

CWE-89CWE

Description

SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.

CVSS v3 vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected routers (1)

Vendor	Model	Matched via	Affected versions	Fixed in	Patch?
Ubiquiti	Ubiquiti EdgeRouter 4	`—`	—	—	No

External references

NIST NVD
MITRE CVE