CVE-2015-6357 - OpenCVE

The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Firesight System Software

Configuration 1 [-]

OR	cpe:2.3:a:cisco:firesight_system_software:5.2.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.3.1.5:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:::::::*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/134390/Cisco-FireSIGHT-Management-Center-Certificate-Validation.html
http://seclists.org/fulldisclosure/2015/Nov/79
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc
http://wadofstuff.blogspot.com.au/2015/11/cve-2015-6357-firepwner-exploit-for.html
http://www.securityfocus.com/archive/1/536913/100/0/threaded
http://www.securitytracker.com/id/1034161

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2015-11-18T11:00:00

Updated: 2024-08-06T07:22:20.958Z

Reserved: 2015-08-17T00:00:00

Link: CVE-2015-6357

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-11-18T11:59:01.387

Modified: 2018-10-09T19:57:48.830

Link: CVE-2015-6357

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-11-16T00:00:00", "descriptions": [{"lang": "en", "value": "The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1034161", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034161"}, {"name": "20151116 Cisco FireSIGHT Management Center Certificate Validation Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/134390/Cisco-FireSIGHT-Management-Center-Certificate-Validation.html"}, {"tags": ["x_refsource_MISC"], "url": "http://wadofstuff.blogspot.com.au/2015/11/cve-2015-6357-firepwner-exploit-for.html"}, {"name": "20151116 CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/536913/100/0/threaded"}, {"name": "20151117 CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/Nov/79"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-6357", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1034161", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034161"}, {"name": "20151116 Cisco FireSIGHT Management Center Certificate Validation Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc"}, {"name": "http://packetstormsecurity.com/files/134390/Cisco-FireSIGHT-Management-Center-Certificate-Validation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/134390/Cisco-FireSIGHT-Management-Center-Certificate-Validation.html"}, {"name": "http://wadofstuff.blogspot.com.au/2015/11/cve-2015-6357-firepwner-exploit-for.html", "refsource": "MISC", "url": "http://wadofstuff.blogspot.com.au/2015/11/cve-2015-6357-firepwner-exploit-for.html"}, {"name": "20151116 CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/536913/100/0/threaded"}, {"name": "20151117 CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Nov/79"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:22:20.958Z"}, "title": "CVE Program Container", "references": [{"name": "1034161", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034161"}, {"name": "20151116 Cisco FireSIGHT Management Center Certificate Validation Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/134390/Cisco-FireSIGHT-Management-Center-Certificate-Validation.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://wadofstuff.blogspot.com.au/2015/11/cve-2015-6357-firepwner-exploit-for.html"}, {"name": "20151116 CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/536913/100/0/threaded"}, {"name": "20151117 CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2015/Nov/79"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-6357", "datePublished": "2015-11-18T11:00:00", "dateReserved": "2015-08-17T00:00:00", "dateUpdated": "2024-08-06T07:22:20.958Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CCC4B09D-E3B2-40B2-8704-010EDF605675", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1049BCE-4A7B-4636-9090-17724D5AFBA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "59A9002E-66A1-4C35-8D07-9BC438350081", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "34C49E27-A356-45E5-9FF3-242C37626718", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "A5273EE5-40CA-48B5-8F60-823CDB75F3A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0EB13B96-D431-49BD-ADAB-9AE5DB559935", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "79AECC9E-657F-4BFF-B640-B96CD1384647", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444."}, {"lang": "es", "value": "La funcionalidad de actualizaci\u00f3n de reglas en Cisco FireSIGHT Management Center (MC) 5.2 hasta la versi\u00f3n 5.4.0.1 no verifica el certificado X.509 del servidor SSL support.sourcefire.com, lo que permite a atacantes man-in-the-middle suplantar \u00e9ste servidor y proveer un paquete invalido, y consecuentemente ejecutar c\u00f3digo arbitrario, a trav\u00e9s de un certificado manipulado, tambi\u00e9n conocida como Bug ID CSCuw06444."}], "id": "CVE-2015-6357", "lastModified": "2018-10-09T19:57:48.830", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-11-18T11:59:01.387", "references": [{"source": "ykramarz@cisco.com", "url": "http://packetstormsecurity.com/files/134390/Cisco-FireSIGHT-Management-Center-Certificate-Validation.html"}, {"source": "ykramarz@cisco.com", "url": "http://seclists.org/fulldisclosure/2015/Nov/79"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc"}, {"source": "ykramarz@cisco.com", "url": "http://wadofstuff.blogspot.com.au/2015/11/cve-2015-6357-firepwner-exploit-for.html"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/archive/1/536913/100/0/threaded"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1034161"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}