HomePentest-Tools.com Logo

Cisco FireSIGHT Management Center Cross-Site Scripting / HTML Injection Vulnerability CVE-2015-6354CVE-2015-6353

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

A vulnerability in the web interface of Cisco FireSIGHT Management Center (MC) could allow an authenticated, remote attacker to modify a page of the web interface.

Risk description

The vulnerability is due to improper sanitization of parameter values. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and convincing the user to access a web page that would trigger the rendering of the injected code.

Recommendation

See vendor advisory

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 31, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available