File Reading Vulnerability in Cisco IronPort Encryption Appliance
CVE-2010-0144

Currently unrated

Key Information:

Vendor
Cisco
Status
Ironport Encryption Appliance
Ironport Postx
Vendor
CVE Published:
11 February 2010

Summary

The Cisco IronPort Encryption Appliance contains a vulnerability in the WebSafe DistributorServlet within its embedded HTTPS server, which allows remote attackers to read arbitrary files. This vulnerability affects specific versions of the device, enabling unauthorized access without proper authentication. The flaw highlights the necessity for meticulous security practices and timely updates to mitigate potential risks. Organizations using the affected versions should undertake immediate actions to apply patches or implement workarounds as described in Cisco’s security advisories.

References

http://www.cisco.com/en/US/products/products_applied_miti...
x_refsource_CONFIRM
http://secunia.com/advisories/38525
third-party-advisoryx_refsource_SECUNIA
http://www.cisco.com/en/US/products/products_security_adv...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.