发布日期：2016-08-17
更新日期：2016-08-18

受影响系统：

Cisco ASA 5500-X Series with FirePOWER Services 5.4.0
Cisco ASA 5500-X Series with FirePOWER Services 5.3.1
Cisco ASA 5500-X Series with FirePOWER Services 5.3.0
Cisco ASA 5500-X Series with FirePOWER Services 5.2.0
Cisco ASA 5500-X Series with FirePOWER Services 4.10.3
Cisco Firepower Management Center 5.4.0
Cisco Firepower Management Center 5.3.1
Cisco Firepower Management Center 5.3.0
Cisco Firepower Management Center 5.2.0
Cisco Firepower Management Center 4.10.3

描述：

---

CVE(CAN) ID: CVE-2016-1458

Cisco Firepower是高级防火墙系列产品。

Cisco Firepower Management Center、Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services的Web GUI存在安全漏洞，经身份验证的远程攻击者利用此漏洞可提升受影响设备上用户帐户的权限。

<*来源：vendor
  
  链接：http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-firepower
*>

建议：

---

厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-20160817-firepower）以及相应补丁:
cisco-sa-20160817-firepower：Cisco Firepower Management Center Privilege Escalation Vulnerability
链接：http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-firepower

浏览次数：1892
严重程度：0（网友投票）