Lucene search

[email protected]NVD:CVE-2015-6427

HistoryDec 18, 2015 - 11:59 a.m.

CVE-2015-6427

2015-12-1811:59:02

CWE-254

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.001

Percentile

47.6%

JSON

Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437.

Affected configurations

Nvd

Node

ciscofiresight_system_softwareMatch5.3.0

ciscofiresight_system_softwareMatch5.3.0.1

ciscofiresight_system_softwareMatch5.3.0.2

ciscofiresight_system_softwareMatch5.3.1

ciscofiresight_system_softwareMatch5.3.1.1

ciscofiresight_system_softwareMatch5.3.1.2

ciscofiresight_system_softwareMatch5.3.1.3

ciscofiresight_system_softwareMatch5.3.1.4

ciscofiresight_system_softwareMatch5.3.1.5

ciscofiresight_system_softwareMatch5.3.1.7

ciscofiresight_system_softwareMatch5.4.0

ciscofiresight_system_softwareMatch5.4.0.1

ciscofiresight_system_softwareMatch5.4.0.4

ciscofiresight_system_softwareMatch5.4.1

ciscofiresight_system_softwareMatch5.4.1.2

ciscofiresight_system_softwareMatch5.4.1.3

ciscofiresight_system_softwareMatch5.4.1.4

ciscofiresight_system_softwareMatch6.0.0

ciscofiresight_system_softwareMatch6.0.0.1

ciscofiresight_system_softwareMatch6.0.1

VendorProductVersionCPE
ciscofiresight_system_software5.3.0cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.0.1cpe:2.3:a:cisco:firesight_system_software:5.3.0.1:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.0.2cpe:2.3:a:cisco:firesight_system_software:5.3.0.2:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.1cpe:2.3:a:cisco:firesight_system_software:5.3.1:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.1.1cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.1.2cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.1.3cpe:2.3:a:cisco:firesight_system_software:5.3.1.3:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.1.4cpe:2.3:a:cisco:firesight_system_software:5.3.1.4:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.1.5cpe:2.3:a:cisco:firesight_system_software:5.3.1.5:*:*:*:*:*:*:*
ciscofiresight_system_software5.3.1.7cpe:2.3:a:cisco:firesight_system_software:5.3.1.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	firesight_system_software	5.3.0	cpe:2.3:a:cisco:firesight_system_software:5.3.0:::::::*
cisco	firesight_system_software	5.3.0.1	cpe:2.3:a:cisco:firesight_system_software:5.3.0.1:::::::*
cisco	firesight_system_software	5.3.0.2	cpe:2.3:a:cisco:firesight_system_software:5.3.0.2:::::::*
cisco	firesight_system_software	5.3.1	cpe:2.3:a:cisco:firesight_system_software:5.3.1:::::::*
cisco	firesight_system_software	5.3.1.1	cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:::::::*
cisco	firesight_system_software	5.3.1.2	cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:::::::*
cisco	firesight_system_software	5.3.1.3	cpe:2.3:a:cisco:firesight_system_software:5.3.1.3:::::::*
cisco	firesight_system_software	5.3.1.4	cpe:2.3:a:cisco:firesight_system_software:5.3.1.4:::::::*
cisco	firesight_system_software	5.3.1.5	cpe:2.3:a:cisco:firesight_system_software:5.3.1.5:::::::*
cisco	firesight_system_software	5.3.1.7	cpe:2.3:a:cisco:firesight_system_software:5.3.1.7:::::::*