CVE-2015-6369Improper Input Validation in Cisco Firepower Extensible Operating System

CWE-20Improper Input Validation4 documents4 sources
Severity
4.9MEDIUMNVD
EPSS
0.1%
top 73.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Firepower Extensible Operating System
Timeline
PublishedNov 19
Latest updateMay 17

Description

The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-7xv9-rqw9-5qgr: The USB driver in Cisco Firepower Extensible Operating System 12022-05-17
CVEList
CVE-2015-6369: The USB driver in Cisco Firepower Extensible Operating System 12015-11-19

📋Vendor Advisories

1
Cisco
Cisco Firepower 9000 USB Kernel Denial of Service Vulnerability2015-11-17
CVE-2015-6369 — Improper Input Validation in Cisco | cvebase