Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.105428 |
Category: | CISCO |
Title: | Cisco FireSIGHT Management Center for VMware Security Bypass Vulnerability |
Summary: | Cisco FireSIGHT Management Center for VMware is prone to a security-bypass vulnerability. |
Description: | Summary: Cisco FireSIGHT Management Center for VMware is prone to a security-bypass vulnerability. Vulnerability Insight: The vulnerability is due to insufficient sanitization of user-supplied input. An attacker could exploit this vulnerability by bypassing policy restrictions and executing commands on the underlying operating system. The user needs to log in to the device with valid administrator-level credentials. Vulnerability Impact: Attackers can exploit this issue to bypass security restrictions to perform unauthorized actions. This may aid in launching further attacks. Affected Software/OS: Cisco FireSIGHT Management Center for VMware versions 5.3.1.7, 5.4.0.4, and 6.0.0 are vulnerable. Solution: Updates are available. Please see the references or vendor advisory for more information. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C |
Cross-Ref: |
BugTraq ID: 77124 Common Vulnerability Exposure (CVE) ID: CVE-2015-6335 Cisco Security Advisory: 20151019 Cisco FireSIGHT Management Center Policy Code for VMware Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-fmc http://www.securitytracker.com/id/1033873 |
Copyright | This script is Copyright (C) 2015 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |