Lucene search
CiscoCVE-2015-6354HistoryOct 31, 2015 - 4:59 a.m.
CVE-2015-6354
2015-10-3104:59:06
CWE-79
cisco
web.nvd.nist.gov
30
cisco
firesight
management center
xss
vulnerability
remote
authenticated
injection
web script
html
nvd
cve-2015-6354
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
30.0%
Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4.1.3 and 6.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuv73338.
Affected configurations
Node
ciscofiresight_system_softwareMatch5.4.1.3
ORciscofiresight_system_softwareMatch6.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | firesight_system_software | 5.4.1.3 | cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:*:*:*:*:*:*:* |
| cisco | firesight_system_software | 6.0.0 | cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-6354
2015-10-31 01:00:00
cisco
cisco
Cisco FireSIGHT Management Center HTML Injection Vulnerability
2015-10-29 00:00:00
prion
prion
Cross site scripting
2015-10-31 04:59:00
nvd
nvd
CVE-2015-6354
2015-10-31 04:59:06
openvas
openvas
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
30.0%
Related for CVE-2015-6354