CVE-2015-0624

Currently unrated

Key Information:

Vendor: Cisco
Status: Content Security Management Appliance; Web Security Appliance; Email Security Appliance Firmware
Vendor: CVE Published:; 21 February 2015

Summary

The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639.

References

http://packetstormsecurity.com/files/130525/Cisco-Ironpor...

x_refsource_MISC

http://www.securitytracker.com/id/1031782

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/72702

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Feb 21, 2015
Vulnerability Reserved
Jan 7, 2015