Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoFiresight System Software

9 matches found

CVE
CVEadded 2015/08/19 2:59 p.m.51 views

CVE-2015-4302

The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows remote attackers to delete arbitrary system policies via modified parameters in a POST request, aka Bug ID CSCuu25390.

6.4CVSS7AI score0.00696EPSS
CVE
CVEadded 2016/12/14 12:59 a.m.49 views

CVE-2016-6471

A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password. More Information: CSCvb19366. Known Affected Releases: 5.4.1.6.

6.5CVSS6.4AI score0.00422EPSS
CVE
CVEadded 2015/07/08 2:59 p.m.48 views

CVE-2015-4242

Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721.

6.8CVSS7.4AI score0.00107EPSS
CVE
CVEadded 2016/01/16 5:59 a.m.46 views

CVE-2016-1293

Multiple cross-site scripting (XSS) vulnerabilities in the Management Center in Cisco FireSIGHT System Software 6.0.0 and 6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCux40414.

6.1CVSS6AI score0.00229EPSS
CVE
CVEadded 2015/12/12 4:59 p.m.40 views

CVE-2015-6419

Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.

6.8CVSS6.4AI score0.00224EPSS
CVE
CVEadded 2016/03/03 3:59 p.m.38 views

CVE-2016-1355

Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface in Cisco FireSIGHT System Software 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuy41687.

6.1CVSS5.9AI score0.0025EPSS
CVE
CVEadded 2016/10/05 10:59 a.m.38 views

CVE-2016-6420

Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467.

6.8CVSS6.2AI score0.00049EPSS
CVE
CVEadded 2015/11/18 11:59 a.m.37 views

CVE-2015-6357

The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code...

6.8CVSS7.1AI score0.05935EPSS
CVE
CVEadded 2016/01/16 5:59 a.m.37 views

CVE-2016-1294

Cross-site scripting (XSS) vulnerability in the Management Center in Cisco FireSIGHT System Software 6.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted cookie, aka Bug ID CSCuw89094.

6.1CVSS5.9AI score0.00229EPSS