Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco firesight system software 5.4.0 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2015-8139
ntpq in NTP prior to 4.2.8p7 allows remote malicious users to obtain origin timestamps and then impersonate peers via unspecified vectors.
Ntp Ntp
5.3
CVSSv3
CVE-2016-6396
Cisco Firepower Management Center prior to 6.1 and FireSIGHT System Software prior to 6.1, when certain malware blocking options are enabled, allow remote malicious users to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482.
Cisco Firesight System Software 5.3.0.1
Cisco Firesight System Software 5.3.0.2
Cisco Firesight System Software 5.4.0.2
Cisco Firesight System Software 5.3.1.5
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.1.0.3
Cisco Firesight System Software 5.4.0.5
Cisco Firesight System Software 5.2.0.3
Cisco Firesight System Software 5.4.1.4
Cisco Firesight System Software 5.2.0.1
Cisco Firesight System Software 5.2.0.6
Cisco Firesight System Software 5.1.1.11
Cisco Firesight System Software 5.1.1.2
Cisco Firesight System Software 5.1.1.1
Cisco Firesight System Software 5.1.1.4
Cisco Firesight System Software 5.1.1.5
Cisco Firesight System Software 5.2.0.8
Cisco Firesight System Software 5.4.1.2
Cisco Firesight System Software 5.4.1
Cisco Firesight System Software 5.1.0.1
Cisco Firesight System Software 5.1.1.10
Cisco Firesight System Software 5.4.0.6
4.8
CVSSv3
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
4.3
CVSSv3
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2
Ntp Ntp
Ntp Ntp 4.3.80
Ntp Ntp 4.3.51
Ntp Ntp 4.3.17
Ntp Ntp 4.3.30
Ntp Ntp 4.3.74
Ntp Ntp 4.3.67
Ntp Ntp 4.3.14
Ntp Ntp 4.3.27
Ntp Ntp 4.3.13
Ntp Ntp 4.3.36
Ntp Ntp 4.3.16
Ntp Ntp 4.3.35
Ntp Ntp 4.3.53
Ntp Ntp 4.3.64
Ntp Ntp 4.3.20
Ntp Ntp 4.3.40
Ntp Ntp 4.3.68
Ntp Ntp 4.3.46
Ntp Ntp 4.3.77
Ntp Ntp 4.3.1
NA
CVE-2015-6427
Cisco FireSIGHT Management Center allows remote malicious users to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437.
Cisco Firesight System Software 5.3.0.1
Cisco Firesight System Software 5.3.0.2
Cisco Firesight System Software 5.3.1.5
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.4.1.4
Cisco Firesight System Software 5.4.1.2
Cisco Firesight System Software 5.4.1
Cisco Firesight System Software 5.3.1.3
Cisco Firesight System Software 5.4.1.3
Cisco Firesight System Software 5.3.1
Cisco Firesight System Software 5.3.1.1
Cisco Firesight System Software 5.3.1.4
Cisco Firesight System Software 5.3.1.2
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 6.0.0.1
Cisco Firesight System Software 6.0.0
Cisco Firesight System Software 6.0.1
Cisco Firesight System Software 5.4.0.4
Cisco Firesight System Software 5.4.0.1
Cisco Firesight System Software 5.3.1.7
NA
CVE-2015-6419
Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.1
Cisco Firesight System Software 4.10.3
Cisco Firesight System Software 5.3.0
NA
CVE-2015-6357
The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 up to and including 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle malicious users to spoof this server and provide an invalid package, an...
Cisco Firesight System Software 5.3.1.5
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.1.1
Cisco Firesight System Software 5.3.1.2
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 5.4.0.1
1 Github repository
NA
CVE-2015-6353
Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.3.1.5 and 5.4.x up to and including 5.4.1.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuu28922.
Cisco Firesight System Software 5.3.1.5
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.4.1.2
Cisco Firesight System Software 5.4.1
Cisco Firesight System Software 5.4.1.3
Cisco Firesight System Software 5.4.0.4
Cisco Firesight System Software 5.4.0.1
NA
CVE-2015-1787
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 prior to 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote malicious users to cause a denial of service (daemon crash) via a ClientKeyExchange message w...
Openssl Openssl 1.0.2
NA
CVE-2015-0207
The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a does not properly isolate the state information of independent data streams, which allows remote malicious users to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DT...
Openssl Openssl 1.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »