SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Cisco FireSIGHT Vendors:   Cisco
Cisco FireSIGHT Management Center for VMware Lets Remote Authenticated Users Gain Elevated Privileges
SecurityTracker Alert ID:  1033873
SecurityTracker URL:  http://securitytracker.com/id/1033873
CVE Reference:   CVE-2015-6335   (Links to External Site)
Date:  Oct 20 2015
Impact:   Root access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): FireSIGHT Management Center for VMware; 5.3.1.7, 5.4.0.4, 6.0.0
Description:   A vulnerability was reported in Cisco FireSIGHT Management Center for VMware. A remote authenticated user can gain elevated privileges.

A remote authenticated administrative user can trigger an input validation flaw and bypass policy restrictions to execute commands on the underlying Linux operating system with root privileges.

The vendor has assigned bug ID CSCuw12839 to this vulnerability.

Impact:   A remote authenticated administrative user can gain elevated privileges on the target system.
Solution:   The vendor has issued a fix.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-fmc

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-fmc (Links to External Site)
Cause:   Input validation error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC