1. Home
  2. CVE Database
  3. CVE-2015-6419
MEDIUM · 6.8

CVE-2015-6419

Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.

Vulnerability Description

Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.

CVSS Score

6.8

MEDIUM

AV:N/AC:L/Au:S/C:C/I:N/A:N
Confidentiality
COMPLETE
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
CiscoFiresight System Software4.10.3

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-6419?

CVE-2015-6419 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.

How severe is CVE-2015-6419?

CVE-2015-6419 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-6419?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Firesight System Software.