Cisco Bug: CSCze90248 - Cisco FireSIGHT Management Center System Policy Deletion Vulnerability

Last Modified

Aug 18, 2018

Products (8)

  • Cisco Firepower Management Center
  • Sourcefire Defense Center 1000 Chassis
  • Sourcefire Defense Center 500 Chassis
  • Cisco FireSIGHT Management Center 750
  • Cisco FireSIGHT Management Center 3500
  • Cisco FireSIGHT Management Center 1500
  • Sourcefire Defense Center 3000 Chassis
  • Cisco Firepower Management Center Virtual Appliance

Known Affected Releases

5.3.1

Description (partial)

Symptoms:
A vulnerability in the web interface function used to delete a System Policy configured in the Cisco FireSIGHT Management Center
application could allow an unauthenticated, remote attacker to delete a system policy other than their own.

The vulnerability is due to improper input validation of certain fields of the HTTP POST request. An attacker could exploit
this vulnerability by sending a crafted HTTP POST request with parameters of another system policy that the attacker is not
authorized to delete. An exploit could allow the attacker to compromise the integrity and potentially the availability of the application
because a system policy was unexpectedly removed.

Conditions:
A device with the default configuration running an affected version of the software.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
