cbcvebase.
CVE-2016-1356
published 2016-03-03

CVE-2016-1356: Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate…

low3.7CVSS 3.0
AVNACHPRNUINSUCLINAN
Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing differences, aka Bug ID CSCuy41615.

Affected

2 ranges
VendorProductVersion rangeFixed in
ciscofiresight_system
ciscofiresight_system_software