6.4

CVE-2015-4302

The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows remote attackers to delete arbitrary system policies via modified parameters in a POST request, aka Bug ID CSCuu25390.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoFiresight System Software Version5.3.1.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.15% 0.798
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:N/I:P/A:P
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://tools.cisco.com/security/center/viewAlert.x?alertId=40432
Vendor Advisory
http://www.securityfocus.com/bid/76345
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1033279
Third Party Advisory
VDB Entry