VAR-201511-0012
Vulnerability from variot - Updated: 2025-04-13 23:23The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444. The Cisco FireSIGHT Management Center centrally manages the network security and operational features of Cisco ASA with FirePOWER Services and Cisco FirePOWER appliances. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. This issue is being tracked by Cisco Bug ID CSCuw06444. The vulnerability is caused by the fact that the program does not verify the X.509 certificate of the support.sourcefire.com SSL server
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0012",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.3.1.5"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.3.1.1"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.4.0.1"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.3.0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.3.1.2"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.4.0"
},
{
"model": "firesight management center",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "5.4.0"
},
{
"model": "firesight management center",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "5.4.0.1"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "firesight management center",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.2.0"
},
{
"model": "firesight management center",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.3.0"
},
{
"model": "firesight management center",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.3.1.1"
},
{
"model": "firesight management center",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.3.1.2"
},
{
"model": "firesight management center",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.3.1.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"db": "BID",
"id": "77586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-288"
},
{
"db": "NVD",
"id": "CVE-2015-6357"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:firesight_system_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matthew Flanagan",
"sources": [
{
"db": "BID",
"id": "77586"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6357",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6357",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-07706",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84318",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6357",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6357",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07706",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-288",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84318",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"db": "VULHUB",
"id": "VHN-84318"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-288"
},
{
"db": "NVD",
"id": "CVE-2015-6357"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444. The Cisco FireSIGHT Management Center centrally manages the network security and operational features of Cisco ASA with FirePOWER Services and Cisco FirePOWER appliances. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. \nThis issue is being tracked by Cisco Bug ID CSCuw06444. The vulnerability is caused by the fact that the program does not verify the X.509 certificate of the support.sourcefire.com SSL server",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6357"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"db": "BID",
"id": "77586"
},
{
"db": "VULHUB",
"id": "VHN-84318"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6357",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1034161",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "134390",
"trust": 1.1
},
{
"db": "BID",
"id": "77586",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005954",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-07706",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201511-288",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-84318",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"db": "VULHUB",
"id": "VHN-84318"
},
{
"db": "BID",
"id": "77586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-288"
},
{
"db": "NVD",
"id": "CVE-2015-6357"
}
]
},
"id": "VAR-201511-0012",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"db": "VULHUB",
"id": "VHN-84318"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07706"
}
]
},
"last_update_date": "2025-04-13T23:23:43.033000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20151116-fmc",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc"
},
{
"title": "Cisco FireSIGHT Management Center Enter the fix for the verification vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58772"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-288"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84318"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"db": "NVD",
"id": "CVE-2015-6357"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151116-fmc"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/536913/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2015/nov/79"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/134390/cisco-firesight-management-center-certificate-validation.html"
},
{
"trust": 1.1,
"url": "http://wadofstuff.blogspot.com.au/2015/11/cve-2015-6357-firepwner-exploit-for.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034161"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6357"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6357"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"db": "VULHUB",
"id": "VHN-84318"
},
{
"db": "BID",
"id": "77586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-288"
},
{
"db": "NVD",
"id": "CVE-2015-6357"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"db": "VULHUB",
"id": "VHN-84318"
},
{
"db": "BID",
"id": "77586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-288"
},
{
"db": "NVD",
"id": "CVE-2015-6357"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"date": "2015-11-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84318"
},
{
"date": "2015-11-16T00:00:00",
"db": "BID",
"id": "77586"
},
{
"date": "2015-11-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"date": "2015-11-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-288"
},
{
"date": "2015-11-18T11:59:01.387000",
"db": "NVD",
"id": "CVE-2015-6357"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07706"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-84318"
},
{
"date": "2015-11-16T00:00:00",
"db": "BID",
"id": "77586"
},
{
"date": "2015-11-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005954"
},
{
"date": "2015-11-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-288"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-6357"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-288"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FireSIGHT Management Center In the rule update function of SSL Vulnerability impersonating a server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005954"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-288"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…