VAR-201512-0387
Vulnerability from variot - Updated: 2025-04-12 23:28Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061. Vendors have confirmed this vulnerability Bug ID CSCux37061 It is released as.By reading unspecified fields by a third party, important version information may be obtained. The Cisco FirePOWER Management Center is the next-generation firewall management center software from Cisco. An attacker could exploit the vulnerability to gain access to sensitive information. This issue being tracked by Cisco Bug ID CSCux37061
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0387",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firepower management center",
"scope": "eq",
"trust": 2.0,
"vendor": "cisco",
"version": "5.4.1.3"
},
{
"model": "firepower management center",
"scope": "eq",
"trust": 2.0,
"vendor": "cisco",
"version": "6.0.0"
},
{
"model": "firepower management center",
"scope": "eq",
"trust": 2.0,
"vendor": "cisco",
"version": "6.0.1"
},
{
"model": "secure firewall management center",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0.0"
},
{
"model": "secure firewall management center",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.4.1.3"
},
{
"model": "secure firewall management center",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
},
{
"db": "NVD",
"id": "CVE-2015-6411"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:firepower_management_center",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "78740"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
}
],
"trust": 0.9
},
"cve": "CVE-2015-6411",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6411",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-08312",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84372",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6411",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6411",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-08312",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-174",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84372",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"db": "VULHUB",
"id": "VHN-84372"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
},
{
"db": "NVD",
"id": "CVE-2015-6411"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061. Vendors have confirmed this vulnerability Bug ID CSCux37061 It is released as.By reading unspecified fields by a third party, important version information may be obtained. The Cisco FirePOWER Management Center is the next-generation firewall management center software from Cisco. An attacker could exploit the vulnerability to gain access to sensitive information. \nThis issue being tracked by Cisco Bug ID CSCux37061",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6411"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"db": "BID",
"id": "78740"
},
{
"db": "VULHUB",
"id": "VHN-84372"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6411",
"trust": 3.4
},
{
"db": "BID",
"id": "78740",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006447",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-174",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-08312",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-84372",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"db": "VULHUB",
"id": "VHN-84372"
},
{
"db": "BID",
"id": "78740"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
},
{
"db": "NVD",
"id": "CVE-2015-6411"
}
]
},
"id": "VAR-201512-0387",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"db": "VULHUB",
"id": "VHN-84372"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08312"
}
]
},
"last_update_date": "2025-04-12T23:28:44.977000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20151209-fmc",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-fmc"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84372"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"db": "NVD",
"id": "CVE-2015-6411"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/78740"
},
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151209-fmc"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6411"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6411"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"db": "VULHUB",
"id": "VHN-84372"
},
{
"db": "BID",
"id": "78740"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
},
{
"db": "NVD",
"id": "CVE-2015-6411"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"db": "VULHUB",
"id": "VHN-84372"
},
{
"db": "BID",
"id": "78740"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
},
{
"db": "NVD",
"id": "CVE-2015-6411"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"date": "2015-12-15T00:00:00",
"db": "VULHUB",
"id": "VHN-84372"
},
{
"date": "2015-12-09T00:00:00",
"db": "BID",
"id": "78740"
},
{
"date": "2015-12-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"date": "2015-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-174"
},
{
"date": "2015-12-15T05:59:06.857000",
"db": "NVD",
"id": "CVE-2015-6411"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-84372"
},
{
"date": "2015-12-09T00:00:00",
"db": "BID",
"id": "78740"
},
{
"date": "2015-12-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006447"
},
{
"date": "2015-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-174"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-6411"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FirePOWER Management Center Software Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08312"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-174"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…