CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
71.9%
A vulnerability in the rule update functionality of Cisco FireSIGHT Management Center (MC) could allow an unauthenticated, remote attacker to manipulate the content of the rule update packages and execute arbitrary code on the system.
# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:cisco:firesight_management_center";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.105456");
script_cve_id("CVE-2015-6357");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_version("2023-07-25T05:05:58+0000");
script_name("Cisco FireSIGHT Management Center Certificate Validation Vulnerability");
script_xref(name:"URL", value:"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc");
script_tag(name:"impact", value:"An attacker could exploit this vulnerability by performing a man-in-the-middle attack (such as DNS hijacking) to enable manipulation of the rule update package content. An exploit could allow the attacker to execute arbitrary code on the system with the privileges of the web server.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The vulnerability is due to lack of certificate validation during the HTTPS connection toward support.");
script_tag(name:"solution", value:"See vendor advisory");
script_tag(name:"summary", value:"A vulnerability in the rule update functionality of Cisco FireSIGHT Management Center (MC) could allow an unauthenticated, remote attacker to manipulate the content of the rule update packages and execute arbitrary code on the system.");
script_tag(name:"affected", value:"Cisco FireSIGHT Management Center versions 5.4.1.4 and 6.0.1");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
script_tag(name:"creation_date", value:"2015-11-16 16:15:53 +0100 (Mon, 16 Nov 2015)");
script_category(ACT_GATHER_INFO);
script_family("CISCO");
script_copyright("Copyright (C) 2015 Greenbone AG");
script_dependencies("gb_cisco_firesight_management_center_version.nasl",
"gb_cisco_firesight_management_center_http_detect.nasl");
script_mandatory_keys("cisco_firesight_management_center/version");
exit(0);
}
include("host_details.inc");
if( ! version = get_app_version( cpe:CPE, nofork:TRUE ) ) exit( 0 );
if( version == "5.4.0" || version == '5.4.0.1' || version == '5.2.0' || version == '5.3.0' )
{
report = 'Installed version: ' + version + '\n' +
'Fixed version: See vendor advisory';
security_message( port:0, data:report );
exit( 0 );
}
exit( 99 );