CVE-2015-6427

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-fsm	Vendor Advisory
http://www.securitytracker.com/id/1034488

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:firesight_system_software:5.3.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.0.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.3:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.4:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.5:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.7:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.4:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.4:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.1:::::::*

History

No history.

Information

Published : 2015-12-18 11:59

Updated : 2024-02-28 15:21

NVD link : CVE-2015-6427

Mitre link : CVE-2015-6427

CVE.ORG link : CVE-2015-6427

JSON object : View

Products Affected

cisco

firesight_system_software

CWE

CWE-254

7PK - Security Features

{"id": "CVE-2015-6427", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-12-18T11:59:02.793", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-fsm", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1034488", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-254"}]}], "descriptions": [{"lang": "en", "value": "Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437."}, {"lang": "es", "value": "Cisco FireSIGHT Management Center permite a atacantes remotos eludir la funcionalidad de detecci\u00f3n de ataques HTTP y evitar desencadenar las reglas del IDS Snort a trav\u00e9s de una sesi\u00f3n SSL que no es manejada adecuadamente despu\u00e9s del desencritado, tambi\u00e9n conocido como Bug ID CSCux53437."}], "lastModified": "2016-12-07T18:20:19.883", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1049BCE-4A7B-4636-9090-17724D5AFBA4"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87359216-7FDC-4235-9DEC-6BAF04214FC4"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C5912CE-A631-4A16-84EE-E7B9864655D4"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BEF2B98-243F-4796-A98C-A978C4CCAD91"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59A9002E-66A1-4C35-8D07-9BC438350081"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34C49E27-A356-45E5-9FF3-242C37626718"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1B9FBE0-7771-49C9-96D9-204B684AB693"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "380900BB-4F03-4E76-A78C-DFB43669494F"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5273EE5-40CA-48B5-8F60-823CDB75F3A1"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A476BF5E-1877-4B47-8E89-240910B49A16"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EB13B96-D431-49BD-ADAB-9AE5DB559935"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79AECC9E-657F-4BFF-B640-B96CD1384647"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB0484C-F0B7-4349-856E-194E97A7F8A6"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7DC251B-1CA8-4232-A900-885933E01FB1"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD0DF530-4865-45A1-87CA-6ED6026A56A6"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7335266F-B16F-4EFB-B1D2-1F61B3EBB437"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13BF9C6F-B511-444B-B6B7-960DF8758964"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D032900-6B00-4F4D-A2F7-6119F113675F"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}