CVE-2015-6357 — Improper Input Validation in Cisco Firesight System Software

CWE-20 — Improper Input Validation4 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

5.9%

top 9.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firesight System Software

Timeline

PublishedNov 18

Latest updateMay 14

Description

The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDcisco/firesight_system_software7 versions+6

🔴Vulnerability Details

GHSA

GHSA-8j79-x4hx-j6c3: The rule-update feature in Cisco FireSIGHT Management Center (MC) 5↗2022-05-14

▶

CVEList

CVE-2015-6357: The rule-update feature in Cisco FireSIGHT Management Center (MC) 5↗2015-11-18

▶

📋Vendor Advisories

Cisco

Cisco FireSIGHT Management Center Certificate Validation Vulnerability↗2015-11-16

▶