29 matches found
EUVD-2015-6361
Malware in sbrugna...
Cisco FireSIGHT Detection (HTTP)
This script performs HTTP based detection of Cisco FireSIGHT Management Center SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Cisco FireSIGHT Management Center SSL HTTP Attack Detection Vulnerability
A vulnerability in HTTP attack detection within decrypted SSL traffic of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to bypass HTTP attack detection. The traffic is SSL and the application is configured to decrypt the SSL connection and detect HTTP-based...
Design/Logic Flaw
Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437...
CVE-2015-6427
Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437...
Cisco FireSIGHT Management Center SSL HTTP Attack Detection Vulnerability
A vulnerability in HTTP attack detection within decrypted SSL traffic of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to bypass HTTP attack detection. The traffic is SSL and the application is configured to decrypt the SSL connection and detect HTTP-based...
Cisco FireSIGHT Management Center GET Request Information Disclosure Vulnerability (cisco-sa-20151211-fmc)
A vulnerability in the Cisco FireSIGHT Management Center could allow an authenticated, remote attacker to view sensitive information from the underlying operating system. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrig...
Design/Logic Flaw
Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410...
CVE-2015-6419
Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410...
CVE-2015-6357
The rule-update feature in Cisco FireSIGHT Management Center MC 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code...
CVE-2015-6357
The rule-update feature in Cisco FireSIGHT Management Center MC 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code...
Cisco FireSIGHT Management Center Certificate Validation Vulnerability
A vulnerability in the rule update functionality of Cisco FireSIGHT Management Center MC could allow an unauthenticated, remote attacker to manipulate the content of the rule update packages and execute arbitrary code on the system. The vulnerability is due to lack of certificate validation durin...
Cisco FireSIGHT Management Center Certificate Validation Vulnerability
A vulnerability in the rule update functionality of Cisco FireSIGHT Management Center MC could allow an unauthenticated, remote attacker to manipulate the content of the rule update packages and execute arbitrary code on the system. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions...
CVE-2015-6363
Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco FireSIGHT Management Center MC 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco FireSIGHT Management Center MC 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396...
CVE-2015-6363
Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco FireSIGHT Management Center MC 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396...
Cisco FireSight Management Center Web Framework Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco FireSIGHT Management Center MC could allow an authenticated, remote attacker to execute a stored, cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to improper sanitization of parameter values. An attacker...
Cisco FireSight Management Center Cross-Site Scripting Vulnerability
Cisco FireSIGHT Management Center MC is the United States Cisco Cisco company's set of centralized on the Cisco ASA with FirePOWER Services and Cisco FirePOWER network security equipment management management center software. A cross-site scripting vulnerability exists in Cisco FireSight MC...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cisco FireSight Management Center MC 5.3.1.5 and 5.4.x through 5.4.1.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuu28922...
Cisco FireSIGHT Management Center Detection
This script performs SSH based detection of Cisco FireSIGHT Management Center SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...