Firesight System Software@5.3.1.2 Security Vulnerabilities and Issues — Firesight System Software@5.3.1.2 CVE List

Lucene search

CiscoFiresight System Software5.3.1.2

3 matches found

CVE•added 2015/12/18 11:59 a.m.•46 views

CVE-2015-6427

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437.

5CVSS6.9AI score0.00397EPSS

CVE•added 2015/11/18 11:59 a.m.•37 views

CVE-2015-6357

The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code...

6.8CVSS7.1AI score0.05935EPSS

CVE•added 2015/04/23 2:0 a.m.•36 views

CVE-2015-0706

Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966.

5.8CVSS6.8AI score0.00062EPSS