Remote Code Execution Vulnerability in Cisco IronPort Encryption Appliance
CVE-2010-0145

Currently unrated

Key Information:

Vendor: Cisco
Status: Ironport Encryption Appliance; Ironport Postx
Vendor: CVE Published:; 11 February 2010

What is CVE-2010-0145?

An unspecified vulnerability exists in the embedded HTTPS server on specific versions of the Cisco IronPort Encryption Appliance and the IronPort PostX MAP. This flaw may allow remote attackers to execute arbitrary code, exploiting the system through various, yet unidentified, vectors. Organizations using affected versions must prioritize patching to prevent potential exploitation.

References

http://www.cisco.com/en/US/products/products_applied_miti...

x_refsource_CONFIRM

http://secunia.com/advisories/38525

third-party-advisoryx_refsource_SECUNIA

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2010
Vulnerability Reserved
Jan 4, 2010