CVE-2015-6411

2015-12-1505:59:00

CWE-200

[email protected]

web.nvd.nist.gov

cisco

firepower

management center

cve-2015-6411

security vulnerability

nvd

bug id

cscux37061

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

52.7%

JSON

Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061.

CPENameOperatorVersion
cisco:firepower_management_centercisco firepower management centereq6.0.1
cisco:firepower_management_centercisco firepower management centereq6.0.0
cisco:firepower_management_centercisco firepower management centereq5.4.1.3

CPE	Name	Operator	Version
cisco:firepower_management_center	cisco firepower management center	eq	6.0.1
cisco:firepower_management_center	cisco firepower management center	eq	6.0.0
cisco:firepower_management_center	cisco firepower management center	eq	5.4.1.3