VAR-201506-0165
Vulnerability from variot - Updated: 2025-04-13 23:23Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arbitrary user's dashboard via a modified VPN deletion request in a management session, aka Bug ID CSCut67078. Cisco FireSIGHT system The software contains a vulnerability that allows arbitrary user dashboards to be deleted. The Cisco FireSIGHT ManagementCenter is a set of network security and operations that support centralized management of Cisco ASA and Cisco FirePOWER network security appliances using FirePOWER Services. The Cisco FireSIGHT Management Center has security issues. Remotely authenticated non-privileged users submit special VPN removal requests and delete the user's VPN panel. Cisco FireSIGHT System Software is prone to a remote security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to to delete the VPN dashboard of a targeted user. This may result in a denial of service condition. This issue is being tracked by Cisco Bug ID CSCut67078
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0165",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firesight system software",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "6.0.0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.3.1.1"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "5.3.1.3"
},
{
"model": "firesight",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.3.1.3"
},
{
"model": "firesight",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"db": "BID",
"id": "75099"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-235"
},
{
"db": "NVD",
"id": "CVE-2015-0773"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:firesight_system_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "75099"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0773",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2015-0773",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2015-03784",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-78719",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0773",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-0773",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-03784",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-235",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-78719",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"db": "VULHUB",
"id": "VHN-78719"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-235"
},
{
"db": "NVD",
"id": "CVE-2015-0773"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arbitrary user\u0027s dashboard via a modified VPN deletion request in a management session, aka Bug ID CSCut67078. Cisco FireSIGHT system The software contains a vulnerability that allows arbitrary user dashboards to be deleted. The Cisco FireSIGHT ManagementCenter is a set of network security and operations that support centralized management of Cisco ASA and Cisco FirePOWER network security appliances using FirePOWER Services. The Cisco FireSIGHT Management Center has security issues. Remotely authenticated non-privileged users submit special VPN removal requests and delete the user\u0027s VPN panel. Cisco FireSIGHT System Software is prone to a remote security-bypass vulnerability. \nSuccessfully exploiting this issue may allow an attacker to to delete the VPN dashboard of a targeted user. This may result in a denial of service condition. \nThis issue is being tracked by Cisco Bug ID CSCut67078",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0773"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"db": "BID",
"id": "75099"
},
{
"db": "VULHUB",
"id": "VHN-78719"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0773",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1032542",
"trust": 1.1
},
{
"db": "BID",
"id": "75099",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-235",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-03784",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-78719",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"db": "VULHUB",
"id": "VHN-78719"
},
{
"db": "BID",
"id": "75099"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-235"
},
{
"db": "NVD",
"id": "CVE-2015-0773"
}
]
},
"id": "VAR-201506-0165",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"db": "VULHUB",
"id": "VHN-78719"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03784"
}
]
},
"last_update_date": "2025-04-13T23:23:44.831000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "39256",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39256"
},
{
"title": "Cisco FireSIGHT Management Center configures patches for modifying vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/59662"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78719"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"db": "NVD",
"id": "CVE-2015-0773"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39256"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032542"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0773"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0773"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/c/en/us/products/security/firesight-management-center/index.html"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"db": "VULHUB",
"id": "VHN-78719"
},
{
"db": "BID",
"id": "75099"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-235"
},
{
"db": "NVD",
"id": "CVE-2015-0773"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"db": "VULHUB",
"id": "VHN-78719"
},
{
"db": "BID",
"id": "75099"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-235"
},
{
"db": "NVD",
"id": "CVE-2015-0773"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"date": "2015-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-78719"
},
{
"date": "2015-06-09T00:00:00",
"db": "BID",
"id": "75099"
},
{
"date": "2015-06-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"date": "2015-06-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-235"
},
{
"date": "2015-06-12T10:59:02.587000",
"db": "NVD",
"id": "CVE-2015-0773"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03784"
},
{
"date": "2017-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-78719"
},
{
"date": "2015-06-09T00:00:00",
"db": "BID",
"id": "75099"
},
{
"date": "2015-06-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003070"
},
{
"date": "2015-06-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-235"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-0773"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FireSIGHT system Vulnerability to delete arbitrary user\u0027s dashboard in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003070"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-235"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…