CVE-2015-4322

Currently unrated

Key Information:

Vendor: Cisco
Status: Content Security Management Appliance
Vendor: CVE Published:; 19 August 2015

Summary

Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine folder by visiting a spam-notification URL, aka Bug ID CSCuv65894.

References

http://www.securityfocus.com/bid/76365

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1033322

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Aug 19, 2015
Vulnerability Reserved
Jun 4, 2015