Remote Code Execution Vulnerability in Cisco Content Security Management Appliance
CVE-2020-3122

5.3MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Ironport Security Management Appliance
Cisco Secure Email And Web Manager
Vendor
CVE Published:
4 March 2025

Badges

👾 Exploit Exists

Summary

A security flaw in the web-based management interface of Cisco AsyncOS for the Content Security Management Appliance may permit an unauthenticated remote attacker to access confidential network information. This vulnerability underscores the importance of secure management practices and timely updates to safeguard sensitive data.

Affected Version(s)

Cisco IronPort Security Management Appliance

Cisco Secure Email and Web Manager 11.0.0(Ritz)-128

References

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr92383

CVSS V3.0

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.