Skip to main content

Firesight System Software CVE-2015-6427

MEDIUM
7PK - Security Features (CWE-254)
2015-12-18 psirt@cisco.com
5.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:P/A:N
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
None

Lifecycle Timeline

1
CVE Published
Dec 18, 2015 - 11:59 cve.org
MEDIUM 5.0

DescriptionCVE.org

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437.

AnalysisAI

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-254. Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437. Affected products include: Cisco Firesight System Software.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2016-6394 CRITICAL
9.1 Sep 12

Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 al

CVE-2015-6335 CRITICAL
9.0 Oct 25

The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMware allows remote auth

CVE-2016-6417 HIGH
8.8 Oct 05

Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Ma

CVE-2016-1394 HIGH
8.6 Jul 03

Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI

CVE-2015-6357 MEDIUM
6.8 Nov 18

The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certific

CVE-2016-1463 HIGH
7.5 Jul 28

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via cr

CVE-2016-1345 HIGH
7.5 Apr 01

Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote a

CVE-2016-9193 HIGH
7.5 Dec 14

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco Fir

CVE-2016-6460 HIGH
7.5 Nov 19

A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepo

CVE-2016-1368 HIGH
7.5 May 05

Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 and 8000 appliances, a

CVE-2016-6411 HIGH
7.5 Sep 24

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certi

CVE-2017-6766 HIGH
7.5 Aug 07

A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5

Share

CVE-2015-6427 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy