CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2016/01/16 5:59 a.m.•15 views

CVE-2016-1293

Multiple cross-site scripting XSS vulnerabilities in the Management Center in Cisco FireSIGHT System Software 6.0.0 and 6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCux40414...

6.1CVSS6.1AI score0.01122EPSS

Cisco•added 2015/09/25 3:19 p.m.•23 views

Cisco FirePOWER 7000 and Cisco FirePOWER 8000 Series Inspection Engine Stall Vulnerability

A vulnerability in FireSIGHT System Software for Cisco FirePOWER 7000 Series and Cisco FirePOWER 8000 Series devices could allow an unauthenticated, adjacent attacker to cause the inspection engine to stop processing packets. Depending on the affected system configuration, this may cause traffic...

6.1CVSS6.6AI score0.00697EPSS

CVE•added 2015/07/14 5:0 p.m.•50 views

CVE-2015-4270

CVE-2015-4270 concerns Cisco FireSIGHT System Software 5.3.1.5 and 6.0.0, where multiple cross-site scripting (XSS) vulnerabilities exist due to insufficient validation of user-supplied input. A remote attacker could inject arbitrary script via a crafted URL, potentially compromising sessions or ...

4.3CVSS5.8AI score0.01546EPSS

Cvelist•added 2015/07/08 2:0 p.m.•19 views

CVE-2015-4242

Cross-site request forgery CSRF vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721...

7.2AI score0.00996EPSS

CNVD•added 2015/06/16 12:0 a.m.•3 views

Cisco FireSIGHT System Software Cross-Site Scripting Vulnerability (CNVD-2015-03926)

Cisco FireSIGHT System Software is the United States Cisco Cisco company's set of management center software, which supports the centralized management of the use of FirePOWER Services Cisco ASA and Cisco FirePOWER network security appliances network security and operational functions of the...

4.3CVSS6.1AI score0.01546EPSS

CVE•added 2015/06/12 10:0 a.m.•55 views

CVE-2015-0773

Cisco FireSIGHT Management Center (System Software 5.3.1.3 and 6.0.0) is affected by CVE-2015-0773. The issue allows remote authenticated users to delete another user’s dashboard by submitting a modified VPN deletion request within a management session, due to improper validation of the deletion ...

5.5CVSS6.5AI score0.016EPSS

CVE•added 2015/06/12 10:0 a.m.•57 views

CVE-2015-0737

Cisco FireSIGHT System Software 5.3.1.1 contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via crafted GET or POST parameters (Bug ID CSCuu11099). Root cause cited: insufficient input validation. Affects Cisco FireSIGHT System Software; adviso...

4.3CVSS5.8AI score0.01546EPSS

NVD•added 2015/06/04 10:59 a.m.•12 views

CVE-2015-0765

Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service tNetTask CPU consumption or card reset via a flood of 1 IP or 2 Ethernet traffic, aka Bug ID CSCus57263...

5CVSS6.7AI score0.01988EPSS

Prion•added 2015/06/04 10:59 a.m.•14 views

Code injection

5CVSS7.2AI score0.01988EPSS

Cvelist•added 2015/06/04 10:0 a.m.•19 views

CVE-2015-0766

Multiple cross-site scripting XSS vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut4719...

5.8AI score0.01546EPSS

CVE•added 2015/06/04 10:0 a.m.•50 views

CVE-2015-0765

Cisco ONS 15454 System Software 10.30 and 10.301 are affected by CVE-2015-0765, a DoS vulnerability where remote attackers can exhaust tNetTask CPU and reset the controller card by sending large IP or Ethernet traffic (Bug ID CSCus57263). The issue allows unauthenticated remote access to trigger ...

5CVSS6.9AI score0.01988EPSS

Cisco•added 2015/06/03 9:21 p.m.•32 views

Cisco ONS 15454 System Software Denial of Service Vulnerability

A vulnerability in Cisco ONS 15454 System Software could allow an unauthenticated, remote attacker to cause the controller card on an affected device to reset, resulting in a denial of service DoS condition. The vulnerability occurs because tNetTask CPU time is consumed when the software processe...

5CVSS6.5AI score0.01988EPSS

NVD•added 2015/05/19 2:0 a.m.•21 views

CVE-2015-0739

The Lights-Out Management LOM implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller BMC file uploads via unspecified vectors, aka Bug ID CSCus87938...

4CVSS6.5AI score0.02009EPSS

Exploits0References3

CVE•added 2015/05/19 1:0 a.m.•48 views

CVE-2015-0739

Cisco FireSIGHT System Software 5.3.0 (Sourcefire 3D Sensor) LOM vulnerability allows remote authenticated users to perform arbitrary BMC file uploads via unspecified vectors; root cause is insufficient input validation in Lights-Out Management. Exploitation could lead to arbitrary code execution...

4CVSS6.7AI score0.02009EPSS

Exploits0References3Affected Software1

CNVD•added 2015/04/24 12:0 a.m.•2 views

Cisco FireSIGHT Management Center FireSIGHT System Software Cross-Site Scripting Vulnerability

Cisco FireSIGHT Management Center is the United States Cisco Cisco company's set of support for centralized management of the use of FirePOWER Services Cisco ASA and Cisco FirePOWER network security equipment network security and operational functions of the management center software. A cross-si...

3.5CVSS6.1AI score0.00783EPSS

Cvelist•added 2015/04/23 1:0 a.m.•23 views

CVE-2015-0706

Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966...

6.6AI score0.01096EPSS