CVE-2015-6411Sensitive Information Exposure in Cisco Secure Firewall Management Center

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 33.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Secure Firewall Management Center
Timeline
PublishedDec 15
Latest updateMay 17

Description

Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/secure_firewall_management_center5.4.1.3, 6.0.0, 6.0.1+2

🔴Vulnerability Details

2
GHSA
GHSA-5cw8-c36x-qfch: Cisco FirePOWER Management Center 52022-05-17
CVEList
CVE-2015-6411: Cisco FirePOWER Management Center 52015-12-15

📋Vendor Advisories

1
Cisco
Cisco FirePOWER Management Center Software Version Information Disclosure Vulnerability2015-12-09
CVE-2015-6411 — Sensitive Information Exposure in Cisco | cvebase