Remote Code Execution Vulnerability in Cisco IronPort Encryption Appliance
CVE-2010-0145

Currently unrated

Key Information:

Vendor: Cisco
Status: Ironport Encryption Appliance; Ironport Postx
Vendor: CVE Published:; 11 February 2010

Summary

An unspecified vulnerability exists in the embedded HTTPS server on specific versions of the Cisco IronPort Encryption Appliance and the IronPort PostX MAP. This flaw may allow remote attackers to execute arbitrary code, exploiting the system through various, yet unidentified, vectors. Organizations using affected versions must prioritize patching to prevent potential exploitation.

References

http://www.cisco.com/en/US/products/products_applied_miti...

x_refsource_CONFIRM

http://secunia.com/advisories/38525

third-party-advisoryx_refsource_SECUNIA

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Feb 11, 2010
Vulnerability Reserved
Jan 4, 2010