cvedb.io
CVE-2015-6435
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2016-01-22T11:59:01.473 · Last modified 2026-06-17T00:30:53.383

Summary

An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888.

Affected products

cisco — firepower_extensible_operating_system

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.