CVE-2015-6419
Cisco FireSIGHT Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, 5.4.0 - Authenticated Arbitrary File Read
Title source: llmDescription
Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/79033
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-fmc
Scores
EPSS
0.0115
EPSS Percentile
63.0%
Details
CWE
CWE-200
Status
published
Products (5)
cisco/firesight_system_software
4.10.3
cisco/firesight_system_software
5.2.0
cisco/firesight_system_software
5.3.0
cisco/firesight_system_software
5.3.1
cisco/firesight_system_software
5.4.0
Published
Dec 12, 2015
Tracked Since
Feb 18, 2026