Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.105428
Category:CISCO
Title:Cisco FireSIGHT Management Center for VMware Security Bypass Vulnerability
Summary:Cisco FireSIGHT Management Center for VMware is prone to a security-bypass vulnerability.
Description:Summary:
Cisco FireSIGHT Management Center for VMware is prone to a security-bypass vulnerability.

Vulnerability Insight:
The vulnerability is due to insufficient sanitization of user-supplied input. An attacker could exploit this vulnerability by bypassing policy restrictions
and executing commands on the underlying operating system. The user needs to log in to the device with valid administrator-level credentials.

Vulnerability Impact:
Attackers can exploit this issue to bypass security restrictions to perform unauthorized actions. This may aid in launching
further attacks.

Affected Software/OS:
Cisco FireSIGHT Management Center for VMware versions 5.3.1.7, 5.4.0.4, and 6.0.0 are vulnerable.

Solution:
Updates are available. Please see the references or vendor advisory for more information.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 77124
Common Vulnerability Exposure (CVE) ID: CVE-2015-6335
Cisco Security Advisory: 20151019 Cisco FireSIGHT Management Center Policy Code for VMware Privilege Escalation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-fmc
http://www.securitytracker.com/id/1033873
CopyrightThis script is Copyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.