35 matches found
CVE-2016-6396
Cisco Firepower Management Center and FireSIGHT System Software before 6.1 are affected by CVE-2016-6396. The issue arises from improper validation of HTTP header fields in the malware blocking/detection features, which could allow an unauthenticated, remote attacker to bypass malware detection b...
CVE-2017-6766
Cisco Firepower System Software versions 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 contain a vulnerability (CVE-2017-6766) in the SSL Decryption and Inspection feature that allows an unauthenticated, remote attacker to bypass SSL policy for decrypting and inspecting traffic. The issue a...
CVE-2015-6357
Cisco FireSIGHT Management Center (MC) versions 5.2–5.4.0.1 are affected by CVE-2015-6357 due to the rule-update feature not verifying the X.509 certificate of the support.sourcefire.com SSL server. This enables a man-in-the-middle attacker to spoof the server and deliver an invalid package, pote...
CVE-2016-9193
CVE-2016-9193 affects Cisco Firepower Management Center and FireSIGHT System Software when using a file policy with Block Malware. The root cause is described as incorrect handling of duplicate downloads of malware files, enabling an unauthenticated, remote attacker to bypass malware detection/bl...
CVE-2015-6353
Cisco FireSight Management Center (MC) vulnerability CVE-2015-6353 affects MC 5.3.1.5 and 5.4.x up to 5.4.1.3 where an authenticated remote attacker can inject arbitrary web script or HTML via unspecified parameters, due to improper input sanitization. The issue is confirmed by multiple sources, ...
CVE-2016-1293
Cisco FireSIGHT Management Center (6.0.0 and 6.0.1) is affected by multiple cross-site scripting (XSS) vulnerabilities in its web interface. The issues arise from improper sanitization of parameters, enabling an unauthenticated or remote attacker to inject arbitrary web script or HTML via unspeci...
CVE-2015-4242
The CVE-2015-4242 issue affects Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 within FireSIGHT Management Center. Root cause: insufficient CSRF protections, enabling cross-site request forgery. Impact: remote attackers could hijack the authentication of arbitrary users and perform unauthorize...
CVE-2015-4302
Cisco FireSIGHT Management Center 5.3.1.4 contains a web interface vulnerability that allows remote authenticated attackers to delete arbitrary system policies by sending crafted HTTP POST parameters. The root cause is improper input validation of POST fields, enabling an attacker to delete a pol...
CVE-2016-1356
CVE-2016-1356 affects Cisco FireSIGHT System Software 6.1.0, where credential verification does not use a constant-time algorithm. This timing variability enables remote attackers to enumerate valid usernames via measurement of responses, as described in Cisco’s FireSIGHT advisory (cisco-sa-20160...
CVE-2016-6471
CVE-2016-6471 affects Cisco Firepower Management Center (FireSIGHT) web-based management interface. The vulnerability arises from improper masking of sensitive data in HTTP responses, allowing an authenticated, remote attacker to view the Remote Storage Password by navigating specific configurati...
CVE-2015-0737
Cisco FireSIGHT System Software 5.3.1.1 contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via crafted GET or POST parameters (Bug ID CSCuu11099). Root cause cited: insufficient input validation. Affects Cisco FireSIGHT System Software; adviso...
CVE-2015-6419
Cisco FireSIGHT Management Center (versions 4.10.3, 5.2.0, 5.3.0, 5.3.1, 5.4.0) contains an information-disclosure vulnerability in the GET request handling. An authenticated, remote attacker can trigger the flaw by sending crafted GET requests due to improper sanitation of user-supplied input, p...
CVE-2015-0773
Cisco FireSIGHT Management Center (System Software 5.3.1.3 and 6.0.0) is affected by CVE-2015-0773. The issue allows remote authenticated users to delete another user’s dashboard by submitting a modified VPN deletion request within a management session, due to improper validation of the deletion ...
CVE-2015-6427
CVE-2015-6427 describes a vulnerability in Cisco FireSIGHT Management Center where the HTTP attack detection of decrypted SSL traffic can be bypassed. The issue stems from improper handling of SSL-decrypted sessions, allowing an unauthenticated, remote attacker to bypass HTTP attack detection rul...
CVE-2015-0707
Cisco FireSIGHT System Software versions 5.3.1.1 and 6.0.0 in FireSIGHT Management Center are affected by a cross-site scripting (XSS) vulnerability. The issue allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter (Bug ID CSCus85425). Impact is web ...
CVE-2015-6335
Cisco FireSIGHT Management Center for VMware is affected by a policy-code vulnerability (Bug CSCuw12839) in versions 5.3.1.7, 5.4.0.4 and 6.0.0. An authenticated remote administrator may bypass policy restrictions and execute Linux commands as root on the underlying OS due to insufficient sanitiz...
CVE-2016-6395
Cisco Firepower Management Center and FireSIGHT System Software are affected by CVE-2016-6395; the web-based management interface vulnerability allows remote authenticated users to inject arbitrary script or HTML via a crafted URL (XSS) in versions before 6.1. The issue is associated with Bug ID ...
CVE-2015-6354
Cisco FireSight Management Center (MC) is affected by CVE-2015-6354, with vulnerable versions 5.4.1.3 and 6.0. The flaw is a cross-site scripting (XSS) vulnerability caused by improper sanitization of parameter values in the MC web interface, allowing an authenticated, remote attacker to inject a...
CVE-2015-6363
Cisco FireSight Management Center Web Framework Cross-Site Scripting Vulnerability (CVE-2015-6363) affects MC 5.4.1.4 and 6.0.1. The root cause is improper sanitization of parameter values in the web framework, allowing an authenticated remote attacker to inject arbitrary script/HTML via unspecif...
CVE-2016-1463
CVE-2016-1463 affects Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1. The root cause is improper handling of HTTP header parameters, enabling a remote, unauthenticated attacker to bypass Snort-based rules in the device. Affected component/behavior: Snort rule detection proces...
CVE-2017-6735
Cisco FireSIGHT System Software (FireSIGHT Management Center) is affected by CVE-2017-6735 due to improper handling of modified backup configuration files in the backup and restore functionality. Aauthenticated local attacker can execute arbitrary code on the targeted appliance with root privileg...
CVE-2015-0739
Cisco FireSIGHT System Software 5.3.0 (Sourcefire 3D Sensor) LOM vulnerability allows remote authenticated users to perform arbitrary BMC file uploads via unspecified vectors; root cause is insufficient input validation in Lights-Out Management. Exploitation could lead to arbitrary code execution...
CVE-2015-0766
CVE-2015-0766 affects Cisco FireSIGHT Management Center (Defense Center) admin web interface in FireSIGHT System Software 6.0.0. Multiple XSS vulnerabilities allow remote attackers to inject arbitrary script/HTML via unspecified fields, potentially enabling session hijack or data disclosure. Docu...
CVE-2015-4270
CVE-2015-4270 concerns Cisco FireSIGHT System Software 5.3.1.5 and 6.0.0, where multiple cross-site scripting (XSS) vulnerabilities exist due to insufficient validation of user-supplied input. A remote attacker could inject arbitrary script via a crafted URL, potentially compromising sessions or ...
CVE-2016-1345
Cisco FireSIGHT System Software 5.4.0–6.0.1 and ASA with FirePOWER Services 5.4.0–6.0.0.1 are affected by CVE-2016-1345, due to improper input validation of HTTP header fields, allowing remote attackers to bypass malware protection. Impact is the ability to install or pass malware without detecti...
CVE-2016-1368
CVE-2016-1368 affects Cisco FirePOWER System Software 5.3.x (up to 5.3.0.6) and 5.4.x (up to 5.4.0.3) on FirePOWER 7000/8000 appliances and the AMP for Networks component. The issue is caused by improper packet handling in the packet-processing subsystem when packets are passed through sensing in...
CVE-2015-0706
Cisco FireSIGHT Management Center/Open Redirect: A vulnerability in the web framework allows an unauthenticated, remote attacker to inject a crafted HTTP header, causing users to be redirected to arbitrary sites and enabling phishing. Affected are FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6...
CVE-2016-6411
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 are affected by CVE-2016-6411, where the system mishandles comparisons between URLs and X.509 certificates, due to lack of verification of HTTP URL input against the SSL certificate. This allows an unauthenticated, remote attac...
CVE-2016-1294
CVE-2016-1294 is a cross-site scripting (XSS) vulnerability in Cisco FireSIGHT Management Center’s web interface (Management Center) on System Software 6.0.1. The issue arises from cookie handling and could allow remote attackers to inject arbitrary script or HTML via a crafted cookie. The vulner...
CVE-2016-6394
Cisco Firepower Management Center and FireSIGHT System Software (up to version 6.1.0) suffer a session fixation flaw where the application does not assign a new session identifier after authentication, enabling an attacker to hijack a valid user session. Root cause: insecure session handling in t...
CVE-2016-1355
Summary: CVE-2016-1355 is an XSS vulnerability in the Device Management UI of Cisco FireSIGHT System Software 6.1.0. The root cause is insufficient input validation in the HTTP web-based management interface, enabling a remote attacker to inject arbitrary web script or HTML via a crafted value. T...
CVE-2016-6420
CVE-2016-6420 affects Cisco FireSIGHT System Software used by Firepower Management Center (FMC) versions 4.10.3–5.4.0. The vulnerability is due to improper authorization checks in the FMC web framework, allowing remote authenticated users to bypass authorization and gain elevated privileges via a...
CVE-2016-6460
CVE-2016-6460 describes a vulnerability in the FTP REST API of Cisco Firepower System Software where an unauthenticated attacker can bypass FTP malware detection and download malware over FTP when a file policy blocks FTP malware. Affected releases include 5.4.0.2, 5.4.1.1, 5.4.1.6, 6.0.0, 6.1.0,...
CVE-2016-6417
Cisco FireSIGHT System Software (4.10.2–6.1.0) and Firepower Management Center are affected by CVE-2016-6417, a Cross‑Site Request Forgery vulnerability that lets remote attackers hijack the authentication of arbitrary users. The underlying issue is CSRF in the management interfaces, enabling una...
CVE-2016-1394
Cisco Firepower System Software versions 6.0.0–6.1.0 are affected by a hardcoded/default account that allows unauthenticated, remote CLI login by exploiting knowledge of the password (Bug CSCuz56238). The vulnerability stems from a default static password created during installation, enabling the...