CVE-2015-4242

Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721.

References (2)

Core 2
Core References
Vendor Advisory vendor-advisory x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=39643
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032806

Scores

EPSS 0.0100
EPSS Percentile 58.5%

Details

CWE
CWE-352
Status published
Products (2)
cisco/firesight_system_software 5.4.1.2
cisco/firesight_system_software 6.0.0
Published Jul 08, 2015
Tracked Since Feb 18, 2026