CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-4270

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.5 and 6.0.0 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuv22557, CSCuv22583, CSCuv22632, CSCuv22641, CSCuv22650, CSCuv22662, CSCuv22697, and CSCuv22702.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.6%

CVSS Severity

CVSS v2 Score 4.3

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=39879
http://www.securitytracker.com/id/1032887
http://tools.cisco.com/security/center/viewAlert.x?alertId=39879
http://www.securitytracker.com/id/1032887

Products affected by CVE-2015-4270

Cisco » Firesight System Software » Version: 5.3.1.5

cpe:2.3:a:cisco:firesight_system_software:5.3.1.5
Cisco » Firesight System Software » Version: 6.0.0

cpe:2.3:a:cisco:firesight_system_software:6.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4270

Products

Pricing

Contact Us