Vulnerability Details CVE-2015-6427
Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.0%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2015-6427
-
cpe:2.3:a:cisco:firesight_system_software:5.3.0
-
cpe:2.3:a:cisco:firesight_system_software:5.3.0.1
-
cpe:2.3:a:cisco:firesight_system_software:5.3.0.2
-
cpe:2.3:a:cisco:firesight_system_software:5.3.1
-
cpe:2.3:a:cisco:firesight_system_software:5.3.1.1
-
cpe:2.3:a:cisco:firesight_system_software:5.3.1.2
-
cpe:2.3:a:cisco:firesight_system_software:5.3.1.3
-
cpe:2.3:a:cisco:firesight_system_software:5.3.1.4
-
cpe:2.3:a:cisco:firesight_system_software:5.3.1.5
-
cpe:2.3:a:cisco:firesight_system_software:5.3.1.7
-
cpe:2.3:a:cisco:firesight_system_software:5.4.0
-
cpe:2.3:a:cisco:firesight_system_software:5.4.0.1
-
cpe:2.3:a:cisco:firesight_system_software:5.4.0.4
-
cpe:2.3:a:cisco:firesight_system_software:5.4.1
-
cpe:2.3:a:cisco:firesight_system_software:5.4.1.2
-
cpe:2.3:a:cisco:firesight_system_software:5.4.1.3
-
cpe:2.3:a:cisco:firesight_system_software:5.4.1.4
-
cpe:2.3:a:cisco:firesight_system_software:6.0.0
-
cpe:2.3:a:cisco:firesight_system_software:6.0.0.1
-
cpe:2.3:a:cisco:firesight_system_software:6.0.1