CVE-2015-0773

CWE-264CWE-3995 documents5 sources
Severity
5.5MEDIUM
EPSS
0.4%
top 40.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Firesight System Software
Timeline
PublishedJun 12
Latest updateMay 17

Description

Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arbitrary user's dashboard via a modified VPN deletion request in a management session, aka Bug ID CSCut67078.

CVSS vector

AV:N/AC:L/C:N/I:P/A:PExploitability: 8.0 | Impact: 4.9

Affected Packages1 packages

ā–¶NVDcisco/firesight_system_software5.3.1.1, 6.0.0+1

šŸ”“Vulnerability Details

2
GHSA
GHSA-xf6v-7wcc-qvvf: Cisco FireSIGHT System Software 5ā†—2022-05-17
ā–¶
CVEList
CVE-2015-0773: Cisco FireSIGHT System Software 5ā†—2015-06-12
ā–¶

šŸ“‹Vendor Advisories

1
Cisco
Cisco FireSIGHT Management Center Dashboard Deletion Vulnerabilityā†—2015-06-09
ā–¶

šŸ’¬Community

1
Bugzilla
CVE-2015-0227 wss4j: Apache WSS4J doesn't correctly enforce the requireSignedEncryptedDataElements propertyā†—2015-02-11
ā–¶
CVE-2015-0773 (MEDIUM CVSS 5.5) | Cisco FireSIGHT System Software 5.3 | cvebase.io