CVE-2015-0706

CWE-20Improper Input Validation8 documents6 sources
Severity
5.8MEDIUM
EPSS
0.1%
top 80.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Firesight System Software
Timeline
PublishedApr 23
Latest updateMay 17

Description

Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

NVDcisco/firesight_system_software5.3.1.1, 5.3.1.2, 6.0.0+2

🔴Vulnerability Details

2
GHSA
GHSA-p9cg-9qh9-4f4v: Open redirect vulnerability in Cisco FireSIGHT System Software 52022-05-17
CVEList
CVE-2015-0706: Open redirect vulnerability in Cisco FireSIGHT System Software 52015-04-23

📋Vendor Advisories

2
Cisco
Cisco FireSIGHT Management Center Web Framework HTTP Header Redirection Vulnerability2015-04-22
Apache
Apache tomcat: CVE-2016-0706
CVE-2015-0706 (MEDIUM CVSS 5.8) | Open redirect vulnerability in Cisc | cvebase.io