4

CVE-2015-0739

The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller (BMC) file uploads via unspecified vectors, aka Bug ID CSCus87938.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoFiresight System Software Version5.3.0
   CiscoSourcefire 3d1000 Sensor Version-
   CiscoSourcefire 3d2000 Sensor Version-
   CiscoSourcefire 3d2100 Sensor Version-
   CiscoSourcefire 3d2500 Sensor Version-
   CiscoSourcefire 3d3500 Sensor Version-
   CiscoSourcefire 3d4500 Sensor Version-
   CiscoSourcefire 3d500 Sensor Version-
   CiscoSourcefire 3d6500 Sensor Version-
   CiscoSourcefire 3d9900 Sensor Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.28% 0.513
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/74709
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1032359
Third Party Advisory
VDB Entry