Firesight System Software Security Vulnerabilities and Issues — Firesight System Software CVE List

Lucene search

CiscoFiresight System Software

5 matches found

CVE•added 2015/06/12 10:59 a.m.•46 views

CVE-2015-0737

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.1 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) GET or (2) POST parameter, aka Bug ID CSCuu11099.

4.3CVSS5.8AI score0.00263EPSS

CVE•added 2016/03/03 10:59 p.m.•43 views

CVE-2016-1356

Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing differences, aka Bug ID CSCuy41615.

4.3CVSS4.6AI score0.00236EPSS

CVE•added 2015/06/04 10:59 a.m.•42 views

CVE-2015-0766

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut4719...

4.3CVSS5.9AI score0.00263EPSS

CVE•added 2015/05/19 2:0 a.m.•38 views

CVE-2015-0739

The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller (BMC) file uploads via unspecified vectors, aka Bug ID CSCus87938.

4CVSS6.7AI score0.00283EPSS

CVE•added 2015/07/14 5:59 p.m.•36 views

CVE-2015-4270

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.5 and 6.0.0 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuv22557, CSCuv22583, CSCuv22632, CSCuv22641, CSCuv22650, CSCuv22662, CSCuv22697, and CSCuv22702.

4.3CVSS5.8AI score0.00263EPSS