CVE-2015-6427

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-fsm	Vendor Advisory
http://www.securitytracker.com/id/1034488

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.4:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.5:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.0.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.4:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.4:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.3:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.7:::::::*

Information

Published : 2015-12-18 03:59

Updated : 2016-12-07 10:20

NVD link : CVE-2015-6427

Mitre link : CVE-2015-6427

JSON object : View

CWE

CWE-254

7PK - Security Features

Products Affected

cisco

firesight_system_software

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-fsm", "name": "20151217 Cisco FireSIGHT Management Center SSL HTTP Attack Detection Vulnerability", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securitytracker.com/id/1034488", "name": "1034488", "tags": [], "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-254"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-6427", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-12-18T11:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-12-07T18:20Z"}

5.0 /10