Cross-Site Request Forgery Vulnerability in Cisco IronPort Products
CVE-2009-0055

Currently unrated

Key Information:

Vendor: Cisco
Status: Ironport Encryption Appliance; Ironport Postx
Vendor: CVE Published:; 16 January 2009

Summary

A cross-site request forgery (CSRF) vulnerability exists in the administration interface of certain versions of the Cisco IronPort Encryption Appliance and IronPort PostX. This flaw allows remote attackers to perform unauthorized actions on behalf of legitimate users without their consent, potentially leading to modification of appliance preferences. It is crucial for users of affected versions to apply the necessary patches to mitigate this risk and secure their systems.

References

http://www.securityfocus.com/bid/33268

vdb-entryx_refsource_BID

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://osvdb.org/51397

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Jan 16, 2009
Vulnerability Reserved
Jan 7, 2009