Guest

Preview Tool

Cisco Bug: CSCut44881 - SF User Agent - Insecure File Permissions Vulnerability

Last Modified

Jan 27, 2017

Products (1)

  • Cisco Firepower Management Center

Known Affected Releases

2.2.0

Description (partial)

Symptoms:
A vulnerability in Cisco SourceFire User Agent could allow an authenticated, local attacker to access user readable database file and extracting
sensitive information.

The vulnerability is due to insufficient access controls. An attacker could exploit this vulnerability by loggin to the system and run some commands.
 
Conditions:
The attacker would need to be able to login to the system where the user agent is installed
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.