What is the severity of CVE-2017-6715?

CVE-2017-6715 has a medium severity rating, highlighting its potential impact on the web interface of Cisco Firepower Management Center.

How do I fix CVE-2017-6715?

To mitigate CVE-2017-6715, upgrade to a fixed release of Cisco Firepower Management Center, specifically versions after 5.4.1.

Who is affected by CVE-2017-6715?

CVE-2017-6715 affects authenticated users of Cisco Firepower Management Center versions 5.4.1.x and prior.

What kind of attack can occur due to CVE-2017-6715?

CVE-2017-6715 allows authenticated, remote attackers to conduct cross-site scripting (XSS) attacks.

Is CVE-2017-6715 exploitable without authentication?

No, CVE-2017-6715 requires an attacker to be authenticated to exploit the vulnerability.

Vulnerability/
CVE-2017-6715

medium

5.4

CWE

4/7/2017

26/11/2024

CVE-2017-6715: XSS

First published: Tue Jul 04 2017(Updated: )

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. Affected Products: Cisco Firepower Management Center Releases 5.4.1.x and prior. More Information: CSCuy88951. Known Affected Releases: 5.4.1.6.

Credit: ykramarz@cisco.com ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Secure Firewall Management Center	=5.4.0
Cisco Secure Firewall Management Center	=5.4.0.2
Cisco Secure Firewall Management Center	=5.4.1
Cisco Secure Firewall Management Center	=5.4.1.1
Cisco Secure Firewall Management Center	=5.4.1.2
Cisco Secure Firewall Management Center	=5.4.1.3
Cisco Secure Firewall Management Center	=5.4.1.4
Cisco Secure Firewall Management Center	=5.4.1.5
Cisco Secure Firewall Management Center	=5.4.1.6
Cisco Firepower Management Center Software	=5.4.0
Cisco Firepower Management Center Software	=5.4.0.2
Cisco Firepower Management Center Software	=5.4.1
Cisco Firepower Management Center Software	=5.4.1.1
Cisco Firepower Management Center Software	=5.4.1.2
Cisco Firepower Management Center Software	=5.4.1.3
Cisco Firepower Management Center Software	=5.4.1.4
Cisco Firepower Management Center Software	=5.4.1.5
Cisco Firepower Management Center Software	=5.4.1.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6715?
CVE-2017-6715 has a medium severity rating, highlighting its potential impact on the web interface of Cisco Firepower Management Center.
How do I fix CVE-2017-6715?
To mitigate CVE-2017-6715, upgrade to a fixed release of Cisco Firepower Management Center, specifically versions after 5.4.1.
Who is affected by CVE-2017-6715?
CVE-2017-6715 affects authenticated users of Cisco Firepower Management Center versions 5.4.1.x and prior.
What kind of attack can occur due to CVE-2017-6715?
CVE-2017-6715 allows authenticated, remote attackers to conduct cross-site scripting (XSS) attacks.
Is CVE-2017-6715 exploitable without authentication?
No, CVE-2017-6715 requires an attacker to be authenticated to exploit the vulnerability.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/description
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/author
agent/event
agent/softwarecombine
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco secure firewall management center
version/cisco secure firewall management center/5.4.0
version/cisco secure firewall management center/5.4.0.2
version/cisco secure firewall management center/5.4.1
version/cisco secure firewall management center/5.4.1.1
version/cisco secure firewall management center/5.4.1.2
version/cisco secure firewall management center/5.4.1.3
version/cisco secure firewall management center/5.4.1.4
version/cisco secure firewall management center/5.4.1.5
version/cisco secure firewall management center/5.4.1.6
canonical/cisco firepower management center software
version/cisco firepower management center software/5.4.0
version/cisco firepower management center software/5.4.0.2
version/cisco firepower management center software/5.4.1
version/cisco firepower management center software/5.4.1.1
version/cisco firepower management center software/5.4.1.2
version/cisco firepower management center software/5.4.1.3
version/cisco firepower management center software/5.4.1.4
version/cisco firepower management center software/5.4.1.5
version/cisco firepower management center software/5.4.1.6

Frequently Asked Questions

What is the severity of CVE-2017-6715?
CVE-2017-6715 has a medium severity rating, highlighting its potential impact on the web interface of Cisco Firepower Management Center.
How do I fix CVE-2017-6715?
To mitigate CVE-2017-6715, upgrade to a fixed release of Cisco Firepower Management Center, specifically versions after 5.4.1.
Who is affected by CVE-2017-6715?
CVE-2017-6715 affects authenticated users of Cisco Firepower Management Center versions 5.4.1.x and prior.
What kind of attack can occur due to CVE-2017-6715?
CVE-2017-6715 allows authenticated, remote attackers to conduct cross-site scripting (XSS) attacks.
Is CVE-2017-6715 exploitable without authentication?
No, CVE-2017-6715 requires an attacker to be authenticated to exploit the vulnerability.

CVE-2017-6715: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6715?

How do I fix CVE-2017-6715?

Who is affected by CVE-2017-6715?

What kind of attack can occur due to CVE-2017-6715?

Is CVE-2017-6715 exploitable without authentication?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-6715?

How do I fix CVE-2017-6715?

Who is affected by CVE-2017-6715?

What kind of attack can occur due to CVE-2017-6715?

Is CVE-2017-6715 exploitable without authentication?