
====================================================================

                              CERT-Renater

                    Note d'Information No. 2016/VULN023
_____________________________________________________________________

DATE                : 18/01/2016

HARDWARE PLATFORM(S): Cisco FireSIGHT.

OPERATING SYSTEM(S): Cisco FireSIGHT software.

======================================================================
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1
_____________________________________________________________________


Cisco Security Advisory

Cisco FireSIGHT Management Center Stored Cross-Site Scripting 
Vulnerabilities

Medium

Advisory ID:
cisco-sa-20160115-FireSIGHT

Published:
2016 January 15 11:00 GMT

Version 1.0:
Final

CVSS Score:
Base - 4.3

Workarounds:
No workarounds available

Cisco Bug IDs:
CSCuw89080
CSCuw89129
CSCux40414
CSCux40464
CSCux40508
CSCux40619
CSCux40639
CSCux40654
CSCux40714
CSCux40731
CVE-2016-1293
CWE-79


Multiple vulnerabilities in the web framework of Cisco FireSIGHT
Management Center could allow an unauthenticated, remote attacker to
execute a stored cross-site scripting (XSS) attack against a user of
the Cisco FireSIGHT Management Center web interface.

The vulnerabilities are due to improper sanitization of parameter
values. An attacker could exploit these vulnerabilities by injecting
malicious code into an affected parameter and persuading a user to
access a web page that requires reading or executing the parameter.

Cisco released software updates that address these vulnerabilities.
There are no workarounds that mitigate these vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT

Vulnerable Products

Cisco FireSIGHT Management Center running on Cisco FireSIGHT System
Software Releases 6.0.0 and 6.0.1 are vulnerable.

Products Confirmed Not Vulnerable

No other Cisco products are currently known to be affected by these
vulnerabilities.

For additional information about cross-site scripting attacks and the
methods used to exploit these vulnerabilities, see the Cisco Applied
Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat
Vectors.

When considering software upgrades, customers are advised to consult
the Cisco Security Advisories and Responses archive at
http://www.cisco.com/go/psirt and review subsequent advisories to
determine exposure and a complete upgrade solution.

In all cases, customers should ensure that the devices to upgrade
contain sufficient memory and confirm that current hardware and
software configurations will continue to be supported properly by the
new release. If the information is not clear, customers are advised to
contact the Cisco Technical Assistance Center (TAC) or their contracted
maintenance providers.

The Cisco Product Security Incident Response Team (PSIRT) is not aware
of any public announcements or malicious use of the vulnerability that
is described in this advisory.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT

Version	Description		Section	Status	Date

1.0 	Initial public release. -	Final 	2016-January-15

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT
YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits
the distribution URL is an uncontrolled copy and may lack important
information or contain factual errors. The information in this document
is intended for end users of Cisco products.

_____________________________________________________________________


Cisco Security Advisory

Cisco FireSIGHT Management Center DOM-Based Cross-Site Scripting 
Vulnerability

Medium

Advisory ID:
cisco-sa-20160115-fmc1

Published:
2016 January 15 20:38 GMT

Version 1.0:
Final

CVSS Score:
Base - 4.3

Workarounds:
No workarounds available

Cisco Bug IDs:
CSCuw89094
CSCuw89138
CVE-2016-1294
CWE-79


Cisco FireSIGHT Management Center (MC) contains a DOM-based cross-site
scripting vulnerability (XSS) in the management page. An
unauthenticated, remote attacker could persuade a user to perform a
malicious action, allowing the attacker to perform a XSS attack.

The vulnerability is due to mishandling of certain attributes that are
processed in cookies passed as part of a request. A successful exploit
could allow the attacker to execute arbitrary script or HTML code on
the user's browser in the context of the affected site.

Cisco has not released software updates that address this
vulnerability.

Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1

Vulnerable Products

Cisco FireSIGHT MC running on Cisco FireSIGHT System Software release
6.0.1 is vulnerable.

Products Confirmed Not Vulnerable

No other Cisco products are currently known to be affected by this
vulnerability.

Workarounds are not available.

When considering software upgrades, customers are advised to consult
the Cisco Security Advisories and Responses archive at
http://www.cisco.com/go/psirt and
review subsequent advisories to determine exposure and a complete
upgrade solution.

In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and
software configurations will continue to be supported properly by the
new release. If the information is not clear, customers are advised to
contact the Cisco Technical Assistance Center (TAC) or their contracted
maintenance providers.

The Cisco Product Security Incident Response Team (PSIRT) is not aware
of any public announcements or malicious use of the vulnerability that
is described in this advisory.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1

Version Description 		Section Status 	Date

1.0	Initial public release	-	Final	2016-January-15

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT
YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits
the distribution URL is an uncontrolled copy and may lack important
information or contain factual errors. The information in this document
is intended for end users of Cisco products.

==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================