CVE-2015-0706
First published: Thu Apr 23 2015(Updated: )
Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco FireSIGHT System Software | =5.3.1.1 | |
| Cisco FireSIGHT System Software | =5.3.1.2 | |
| Cisco FireSIGHT System Software | =6.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2015-0706?
CVE-2015-0706 has been assigned a medium severity rating due to its potential for phishing attacks.
How do I fix CVE-2015-0706?
To fix CVE-2015-0706, upgrade to a patched version of Cisco FireSIGHT System Software.
What types of attacks can exploit CVE-2015-0706?
CVE-2015-0706 can be exploited to conduct open redirect attacks, allowing attackers to redirect users to malicious sites.
Which versions of Cisco FireSIGHT System Software are affected by CVE-2015-0706?
The affected versions are Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0.
Who can exploit CVE-2015-0706?
Remote attackers can exploit CVE-2015-0706 by sending crafted HTTP headers to the affected system.
- collector/nvd-index
- agent/author
- agent/type
- agent/event
- agent/references
- agent/severity
- agent/tags
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/cisco
- canonical/cisco firesight system software
- version/cisco firesight system software/5.3.1.1
- version/cisco firesight system software/5.3.1.2
- version/cisco firesight system software/6.0.0