Unauthorized File Access in Cisco IronPort Encryption Appliance
CVE-2010-0143

Currently unrated

Key Information:

Vendor
Cisco
Status
Ironport Encryption Appliance
Ironport Postx
Vendor
CVE Published:
11 February 2010

Summary

The administrative interface of the embedded HTTPS server on specific versions of Cisco IronPort Encryption Appliance is susceptible to a vulnerability that enables remote attackers to read arbitrary files. This issue affects the 6.2.x versions prior to 6.2.9.1, the 6.5.x versions prior to 6.5.2, and the IronPort PostX MAP prior to 6.2.9.1. The root cause of this vulnerability lies in unspecified vectors allowing for unauthorized file access, posing significant security risks.

References

http://www.cisco.com/en/US/products/products_applied_miti...
x_refsource_CONFIRM
http://secunia.com/advisories/38525
third-party-advisoryx_refsource_SECUNIA
http://www.cisco.com/en/US/products/products_security_adv...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.