Home Unlabelled Cisco Content Security Management Appliance Information Disclosure Vulnerability

Cisco Content Security Management Appliance Information Disclosure Vulnerability

By
Wednesday, September 04, 2019
Read
Add Comment

A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email.

The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by using a custom role with specific permissions. A successful exploit could allow the attacker to access the spam quarantine of other users.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-sma-info-dis


Security Impact Rating: Medium
CVE: CVE-2019-12635

from Cisco Security Advisory https://ift.tt/2zRxcSQ
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us