Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-6361

Malware in sbrugna...

6.8CVSS6.4AI score0.0115EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/07/29 12:0 a.m.14 views

Cisco FireSIGHT Detection (HTTP)

This script performs HTTP based detection of Cisco FireSIGHT Management Center SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/01/06 12:0 a.m.22 views

Cisco FireSIGHT Management Center SSL HTTP Attack Detection Vulnerability

A vulnerability in HTTP attack detection within decrypted SSL traffic of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to bypass HTTP attack detection. The traffic is SSL and the application is configured to decrypt the SSL connection and detect HTTP-based...

5CVSS6.8AI score0.01733EPSS
Exploits0References1
Prion
Prion
added 2015/12/18 11:59 a.m.15 views

Design/Logic Flaw

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437...

5CVSS7.3AI score0.01733EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/12/18 11:0 a.m.24 views

CVE-2015-6427

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437...

6.7AI score0.01733EPSS
Exploits0References2
Cisco
Cisco
added 2015/12/17 9:30 a.m.40 views

Cisco FireSIGHT Management Center SSL HTTP Attack Detection Vulnerability

A vulnerability in HTTP attack detection within decrypted SSL traffic of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to bypass HTTP attack detection. The traffic is SSL and the application is configured to decrypt the SSL connection and detect HTTP-based...

5CVSS6.5AI score0.01733EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/12/15 12:0 a.m.21 views

Cisco FireSIGHT Management Center GET Request Information Disclosure Vulnerability (cisco-sa-20151211-fmc)

A vulnerability in the Cisco FireSIGHT Management Center could allow an authenticated, remote attacker to view sensitive information from the underlying operating system. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrig...

6.8CVSS6.2AI score0.0115EPSS
Exploits0References1
Prion
Prion
added 2015/12/12 4:59 p.m.15 views

Design/Logic Flaw

Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410...

6.8CVSS6.7AI score0.0115EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/12/12 4:0 p.m.23 views

CVE-2015-6419

Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410...

6.2AI score0.0115EPSS
Exploits0References2
NVD
NVD
added 2015/11/18 11:59 a.m.27 views

CVE-2015-6357

The rule-update feature in Cisco FireSIGHT Management Center MC 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code...

6.8CVSS6.9AI score0.02634EPSS
Exploits0References6
Cvelist
Cvelist
added 2015/11/18 11:0 a.m.25 views

CVE-2015-6357

The rule-update feature in Cisco FireSIGHT Management Center MC 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code...

6.9AI score0.02634EPSS
Exploits0References6
Cisco
Cisco
added 2015/11/16 10:0 a.m.41 views

Cisco FireSIGHT Management Center Certificate Validation Vulnerability

A vulnerability in the rule update functionality of Cisco FireSIGHT Management Center MC could allow an unauthenticated, remote attacker to manipulate the content of the rule update packages and execute arbitrary code on the system. The vulnerability is due to lack of certificate validation durin...

5.1CVSS7.3AI score0.02634EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/11/16 12:0 a.m.17 views

Cisco FireSIGHT Management Center Certificate Validation Vulnerability

A vulnerability in the rule update functionality of Cisco FireSIGHT Management Center MC could allow an unauthenticated, remote attacker to manipulate the content of the rule update packages and execute arbitrary code on the system. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions...

6.8CVSS7.6AI score0.02634EPSS
Exploits0References1
NVD
NVD
added 2015/11/12 3:59 a.m.18 views

CVE-2015-6363

Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco FireSIGHT Management Center MC 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396...

3.5CVSS5.4AI score0.01075EPSS
Exploits0References2
Prion
Prion
added 2015/11/12 3:59 a.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco FireSIGHT Management Center MC 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396...

3.5CVSS5.7AI score0.01075EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/11/12 2:0 a.m.25 views

CVE-2015-6363

Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco FireSIGHT Management Center MC 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396...

5.4AI score0.01075EPSS
Exploits0References2
Cisco
Cisco
added 2015/11/11 10:30 a.m.39 views

Cisco FireSight Management Center Web Framework Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco FireSIGHT Management Center MC could allow an authenticated, remote attacker to execute a stored, cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to improper sanitization of parameter values. An attacker...

4CVSS5.8AI score0.01075EPSS
Exploits0References1
CNVD
CNVD
added 2015/11/04 12:0 a.m.3 views

Cisco FireSight Management Center Cross-Site Scripting Vulnerability

Cisco FireSIGHT Management Center MC is the United States Cisco Cisco company's set of centralized on the Cisco ASA with FirePOWER Services and Cisco FirePOWER network security equipment management management center software. A cross-site scripting vulnerability exists in Cisco FireSight MC...

3.5CVSS6.3AI score0.01085EPSS
Exploits0References1
Prion
Prion
added 2015/10/31 4:59 a.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cisco FireSight Management Center MC 5.3.1.5 and 5.4.x through 5.4.1.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuu28922...

3.5CVSS5.7AI score0.01085EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2015/10/29 12:0 a.m.19 views

Cisco FireSIGHT Management Center Detection

This script performs SSH based detection of Cisco FireSIGHT Management Center SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.1AI score
Exploits0
Rows per page
Query Builder