Remote Access Vulnerability in Cisco Mobility Services Engine
CVE-2013-3469

Currently unrated

Key Information:

Vendor: Cisco
Status: Mobility Services Engine
Vendor: CVE Published:; 4 September 2013

Summary

The Cisco Mobility Services Engine has a flaw that improperly configures the Oracle SSL service, enabling remote attackers to secure an unauthenticated session to the database-replication port. This could potentially lead to unauthorized access to sensitive information through an SSL connection, exposing the security of the database systems linked to the engine.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1028972

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Sep 4, 2013
Vulnerability Reserved
May 6, 2013