SSL Certificate Caching Vulnerability in Cisco Web Security Appliance
CVE-2012-0334

6.4MEDIUM

Key Information:

Vendor: Cisco
Status: Ironport Web Security Appliance Asyncos
Vendor: CVE Published:; 15 January 2020

What is CVE-2012-0334?

The Cisco IronPort Web Security Appliance, running AsyncOS software versions prior to 7.5, is susceptible to a vulnerability related to SSL certificate caching. This flaw could potentially allow attackers to intercept communications between clients and servers, leading to man-in-the-middle attacks. Such attacks could compromise the confidentiality and integrity of sensitive information, making it essential for organizations using the affected products to apply security updates promptly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

IronPort Web Security Appliance AsyncOS prior to 7.5

References

http://www.securityfocus.com/bid/52981

x_refsource_MISC

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 15, 2020
Vulnerability Reserved
Jan 4, 2012

JSON

Cisco

What is CVE-2012-0334?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.