Back to search
CVE-2016-1356
Published: Mar 3, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing differences, aka Bug ID CSCuy41615.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20160302 Cisco FireSIGHT System Software Convert Timing Channel Vulnerability
vendor-advisory
x_refsource_CISCO
1035189
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now