Lucene search
K

13 matches found

Cvelist
Cvelist
added 2018/07/16 5:0 p.m.29 views

CVE-2018-0384

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...

6.3AI score0.02502EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/06/07 9:0 p.m.9 views

CVE-2018-0333

A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerabili...

7AI score0.01924EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/06/07 9:0 p.m.35 views

CVE-2018-0333

A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerabili...

5.7AI score0.01924EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/07/10 8:0 p.m.30 views

CVE-2017-6735

A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system. More Information: CSCvc91092. Known Affected Releases: 6.2.0 6.2.1...

6.7AI score0.0042EPSS
Exploits0References3
Cisco
Cisco
added 2016/12/07 4:0 p.m.46 views

Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software Detection Bypass Vulnerability

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to the incorrect...

5CVSS7.6AI score0.01957EPSS
Exploits0References1
CVE
CVE
added 2016/09/12 10:0 a.m.56 views

CVE-2016-6395

Cisco Firepower Management Center and FireSIGHT System Software are affected by CVE-2016-6395; the web-based management interface vulnerability allows remote authenticated users to inject arbitrary script or HTML via a crafted URL (XSS) in versions before 6.1. The issue is associated with Bug ID ...

5.4CVSS5AI score0.01104EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2016/07/29 12:0 a.m.20 views

Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability

A vulnerability in Snort rule detection in Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass configured rules that use Snort detection. The vulnerability is due to improper handling of HTTP header parameters. An attacker could exploit this vulnerability by...

7.5CVSS7.6AI score0.02113EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/03/21 12:0 a.m.23 views

Cisco FireSIGHT System Software Multiple Vulnerabilities

A vulnerability in credential authentication for valid and invalid username-password pairs for Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to determine a list of valid usernames for an affected device. A vulnerability in the HTTP web-based management interface ...

6.1CVSS5AI score0.00831EPSS
Exploits0References2
Prion
Prion
added 2016/03/03 10:59 p.m.18 views

Code injection

Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing differences, aka Bug ID CSCuy41615...

4.3CVSS7.1AI score0.00831EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2016/01/16 5:59 a.m.20 views

CVE-2016-1293

Multiple cross-site scripting XSS vulnerabilities in the Management Center in Cisco FireSIGHT System Software 6.0.0 and 6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCux40414...

6.1CVSS6.1AI score0.01122EPSS
Exploits0References2
CVE
CVE
added 2016/01/16 2:0 a.m.49 views

CVE-2016-1294

CVE-2016-1294 is a cross-site scripting (XSS) vulnerability in Cisco FireSIGHT Management Center’s web interface (Management Center) on System Software 6.0.1. The issue arises from cookie handling and could allow remote attackers to inject arbitrary script or HTML via a crafted cookie. The vulner...

6.1CVSS5.9AI score0.01122EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/07/08 2:0 p.m.21 views

CVE-2015-4242

Cross-site request forgery CSRF vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721...

7.2AI score0.00996EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/06/04 10:0 a.m.19 views

CVE-2015-0766

Multiple cross-site scripting XSS vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut4719...

5.8AI score0.01546EPSS
Exploits0References2
Rows per page
Query Builder