Multiple XSS Vulnerabilities in Cisco Email Security Appliance and Content Security Management Appliance
CVE-2015-0577

Currently unrated

Key Information:

Vendor

Cisco
Status
Asyncos
Vendor
CVE Published:
14 January 2015

What is CVE-2015-0577?

Multiple cross-site scripting (XSS) vulnerabilities exist in the IronPort Spam Quarantine (ISQ) management page within Cisco AsyncOS. These vulnerabilities permit remote attackers to inject arbitrary web scripts or HTML by exploiting unspecified parameters. This could potentially allow for unauthorized actions or information disclosure on behalf of the user within the affected applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/62289
third-party-advisoryx_refsource_SECUNIA
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
https://exchange.xforce.ibmcloud.com/vulnerabilities/100556
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.