Cisco FireSIGHT Management Center Dashboard Deletion Vulnerability

A vulnerability in management interface used to delete VPNs in the Cisco FireSIGHT Management Center could allow an authenticated, remote attacker with limited user permissions to delete another user’s VPN dashboard.

The vulnerability occurs because the product does not properly validate the deletion request. An attacker could exploit this vulnerability by tampering with a management session and modifying the deletion request. An exploit could allow the attacker to delete dashboards that the user account should not be able to modify.

Cisco has confirmed the vulnerability and released software updates.

To exploit this vulnerability, an attacker must authenticate to the targeted device. This access requirement decreases the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.