PT-2015-4874 · Cisco · Firesight System
Publicado
2015-06-12
·
Atualizado
2017-01-04
·
CVE-2015-0773
CVSS v2.0
5.5
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Cisco FireSIGHT System Software versions 5.3.1.3 and 6.0.0
Description
The issue allows remote authenticated users to delete an arbitrary user's dashboard via a modified VPN deletion request in a management session.
Recommendations
For version 5.3.1.3, update to a version that contains a fix for this issue.
For version 6.0.0, update to a version that contains a fix for this issue.
As a temporary workaround, consider restricting access to the management session to minimize the risk of exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Firesight System