Short Name |
HTTP:CISCO:CISCO-EPC-CMD-INJ |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Cisco EPC 3928 CVE-2015-6401 Command Injection |
Release Date |
2019/02/28 |
Update Number |
3146 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Cisco EPC 3928. A successful attack can lead to arbitrary code execution.
Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941.