CVE-2015-6419

CWE-200 — Information Exposure5 documents5 sources

Severity

6.8MEDIUM

EPSS

0.2%

top 54.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firesight System Software

Timeline

PublishedDec 12

Latest updateOct 1

Description

Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.

CVSS vector

AV:N/AC:L/C:C/I:N/A:NExploitability: 8.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/firesight_system_software5 versions+4

🔴Vulnerability Details

OSV

libmspack vulnerabilities↗2025-10-01

▶

GHSA

GHSA-f83p-ccx3-r342: Cisco FireSIGHT Management Center with software 4↗2022-05-17

▶

CVEList

CVE-2015-6419: Cisco FireSIGHT Management Center with software 4↗2015-12-12

▶

📋Vendor Advisories

Cisco

Cisco FireSIGHT Management Center GET Request Information Disclosure Vulnerability↗2015-12-11

▶