CVE-2012-0334

6.4MEDIUM

Key Information:

Vendor: Cisco
Status: Ironport Web Security Appliance Asyncos
Vendor: CVE Published:; 15 January 2020

Summary

Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks

Affected Version(s)

IronPort Web Security Appliance AsyncOS prior to 7.5

References

http://www.securityfocus.com/bid/52981

x_refsource_MISC

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 15, 2020
Vulnerability Reserved
Jan 4, 2012