Search criteria

21 vulnerabilities found for ironport_postx by cisco

FKIE_CVE-2010-0144

Vulnerability from fkie_nvd - Published: 2010-02-11 17:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922.
References
psirt@cisco.comhttp://secunia.com/advisories/38525
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.htmlVendor Advisory
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38525
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtmlPatch, Vendor Advisory
Impacted products
Vendor Product Version
cisco ironport_encryption_appliance 6.2.4
cisco ironport_encryption_appliance 6.2.4.1
cisco ironport_encryption_appliance 6.2.5
cisco ironport_encryption_appliance 6.2.6
cisco ironport_encryption_appliance 6.2.7
cisco ironport_encryption_appliance 6.2.7.1
cisco ironport_encryption_appliance 6.2.7.2
cisco ironport_encryption_appliance 6.2.7.3
cisco ironport_encryption_appliance 6.2.7.4
cisco ironport_encryption_appliance 6.2.7.5
cisco ironport_encryption_appliance 6.2.7.6
cisco ironport_encryption_appliance 6.5
cisco ironport_encryption_appliance 6.5.0.1
cisco ironport_postx 6.2.1
cisco ironport_postx 6.2.2
cisco ironport_postx 6.2.2.1
cisco ironport_postx 6.2.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en WebSafe DistributorServlet en el servidor HTTPS embebido en el IronPort Encryption Appliance v6.2.x anterior a v6.2.9.1 y v6.5.x anterior a v6.5.2 y el IronPort PostX MAP anterior  a v6.2.9.1, permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de vectores desconocidos. Tambi\u00e9n conocido como IronPort Bug 65922."
    }
  ],
  "id": "CVE-2010-0144",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-11T17:30:00.767",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/38525"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2010-0145

Vulnerability from fkie_nvd - Published: 2010-02-11 17:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923.
References
psirt@cisco.comhttp://secunia.com/advisories/38525
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.htmlVendor Advisory
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38525
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtmlPatch, Vendor Advisory
Impacted products
Vendor Product Version
cisco ironport_encryption_appliance 6.2.4
cisco ironport_encryption_appliance 6.2.4.1
cisco ironport_encryption_appliance 6.2.5
cisco ironport_encryption_appliance 6.2.6
cisco ironport_encryption_appliance 6.2.7
cisco ironport_encryption_appliance 6.2.7.1
cisco ironport_encryption_appliance 6.2.7.2
cisco ironport_encryption_appliance 6.2.7.3
cisco ironport_encryption_appliance 6.2.7.4
cisco ironport_encryption_appliance 6.2.7.5
cisco ironport_encryption_appliance 6.2.7.6
cisco ironport_encryption_appliance 6.5
cisco ironport_encryption_appliance 6.5.0.1
cisco ironport_postx 6.2.1
cisco ironport_postx 6.2.2
cisco ironport_postx 6.2.2.1
cisco ironport_postx 6.2.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en el servidor HTTPS embebido en el IronPort Encryption Appliance v6.2.x anterior a v6.2.9.1 y v6.5.x anterior a v6.5.2 y el IronPort PostX MAP anterior  a v6.2.9.1, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores desconocidos. Tambi\u00e9n conocido como IronPort Bug 65923."
    }
  ],
  "id": "CVE-2010-0145",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-11T17:30:00.813",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/38525"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2010-0143

Vulnerability from fkie_nvd - Published: 2010-02-11 17:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921.
References
psirt@cisco.comhttp://secunia.com/advisories/38525
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.htmlVendor Advisory
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38525
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtmlPatch, Vendor Advisory
Impacted products
Vendor Product Version
cisco ironport_encryption_appliance 6.2.4
cisco ironport_encryption_appliance 6.2.4.1
cisco ironport_encryption_appliance 6.2.5
cisco ironport_encryption_appliance 6.2.6
cisco ironport_encryption_appliance 6.2.7
cisco ironport_encryption_appliance 6.2.7.1
cisco ironport_encryption_appliance 6.2.7.2
cisco ironport_encryption_appliance 6.2.7.3
cisco ironport_encryption_appliance 6.2.7.4
cisco ironport_encryption_appliance 6.2.7.5
cisco ironport_encryption_appliance 6.2.7.6
cisco ironport_encryption_appliance 6.5
cisco ironport_encryption_appliance 6.5.0.1
cisco ironport_postx 6.2.1
cisco ironport_postx 6.2.2
cisco ironport_postx 6.2.2.1
cisco ironport_postx 6.2.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en el interfaz de administraci\u00f3n del servidor HTTPS embebido en el IronPort Encryption Appliance v6.2.x anterior a v6.2.9.1 y v6.5.x anterior a v6.5.2 y el IronPort PostX MAP anterior  a v6.2.9.1, permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de vectores desconocidos. Tambi\u00e9n conocido como IronPort Bug 65921."
    }
  ],
  "id": "CVE-2010-0143",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-11T17:30:00.657",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/38525"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-0055

Vulnerability from fkie_nvd - Published: 2009-01-16 21:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.
References
psirt@cisco.comhttp://osvdb.org/51397
psirt@cisco.comhttp://secunia.com/advisories/33479
psirt@cisco.comhttp://securitytracker.com/id?1021594
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/33268
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0140
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/51397
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33479
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1021594
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33268
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0140
Impacted products
Vendor Product Version
cisco ironport_encryption_appliance 6.2.4
cisco ironport_encryption_appliance 6.2.4.1
cisco ironport_encryption_appliance 6.2.5
cisco ironport_encryption_appliance 6.2.6
cisco ironport_encryption_appliance 6.2.7
cisco ironport_encryption_appliance 6.2.7.1
cisco ironport_encryption_appliance 6.2.7.2
cisco ironport_encryption_appliance 6.2.7.3
cisco ironport_encryption_appliance 6.2.7.4
cisco ironport_encryption_appliance 6.2.7.5
cisco ironport_encryption_appliance 6.2.7.6
cisco ironport_encryption_appliance 6.3
cisco ironport_encryption_appliance 6.3.0.1
cisco ironport_encryption_appliance 6.3.0.2
cisco ironport_encryption_appliance 6.3.0.3
cisco ironport_encryption_appliance 6.5
cisco ironport_encryption_appliance 6.5.0.1
cisco ironport_postx 6.2.1
cisco ironport_postx 6.2.2
cisco ironport_postx 6.2.2.1
cisco ironport_postx 6.2.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E081B0DF-DBD9-4640-92CC-29920E2A50BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56BC79D-E974-4881-81E5-335FF216DFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7E4C7E-DECE-40B5-AAA4-15964F4EC762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686D0A4-85B4-4236-B09A-DA8B554A0523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en el interfaz de administraci\u00f3n en Cisco IronPort Encryption Appliance v6.2.4 anterior a v6.2.4.1.1, v6.2.5, v6.2.6, v6.2.7 anterior a v6.2.7.7, v6.3 anterior a v6.3.0.4, y v6.5 anterior a v6.5.0.2; y Cisco IronPort PostX v6.2.1 anterior a v6.2.1.1 y v6.2.2 anterior a v6.2.2.3; permite a atacantes remotos modificar preferencias del dispositivo como usuarios de su elecci\u00f3n mediante vectores no especificados."
    }
  ],
  "id": "CVE-2009-0055",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-01-16T21:30:03.453",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/51397"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-0053

Vulnerability from fkie_nvd - Published: 2009-01-16 21:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a "logic error."
References
psirt@cisco.comhttp://osvdb.org/51395
psirt@cisco.comhttp://secunia.com/advisories/33479
psirt@cisco.comhttp://securitytracker.com/id?1021593
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/33268
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0140
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/51395
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33479
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1021593
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33268
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0140
Impacted products
Vendor Product Version
cisco ironport_encryption_appliance 6.2.4
cisco ironport_encryption_appliance 6.2.4.1
cisco ironport_encryption_appliance 6.2.5
cisco ironport_encryption_appliance 6.2.6
cisco ironport_encryption_appliance 6.2.7
cisco ironport_encryption_appliance 6.2.7.1
cisco ironport_encryption_appliance 6.2.7.2
cisco ironport_encryption_appliance 6.2.7.3
cisco ironport_encryption_appliance 6.2.7.4
cisco ironport_encryption_appliance 6.2.7.5
cisco ironport_encryption_appliance 6.2.7.6
cisco ironport_encryption_appliance 6.3
cisco ironport_encryption_appliance 6.3.0.1
cisco ironport_encryption_appliance 6.3.0.2
cisco ironport_encryption_appliance 6.3.0.3
cisco ironport_encryption_appliance 6.5
cisco ironport_encryption_appliance 6.5.0.1
cisco ironport_postx 6.2.1
cisco ironport_postx 6.2.2
cisco ironport_postx 6.2.2.1
cisco ironport_postx 6.2.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E081B0DF-DBD9-4640-92CC-29920E2A50BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56BC79D-E974-4881-81E5-335FF216DFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7E4C7E-DECE-40B5-AAA4-15964F4EC762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686D0A4-85B4-4236-B09A-DA8B554A0523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a \"logic error.\""
    },
    {
      "lang": "es",
      "value": "Cifrado PXE en Cisco IronPort Encryption Appliance v6.2.4 anterior a v6.2.4.1.1, v6.2.5, v6.2.6, v6.2.7 anterior a v6.2.7.7, v6.3 anterior a v6.3.0.4, y v6.5 anterior a v6.5.0.2; y Cisco IronPort PostX v6.2.1 anterior a v6.2.1.1 y v6.2.2 anterior a v6.2.2.3; permite a atacantes remotos obtener la clave de descifrado mediante vectores no especificados, relacionados con un \"error l\u00f3gico\"."
    }
  ],
  "id": "CVE-2009-0053",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-16T21:30:03.407",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/51395"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1021593"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51395"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021593"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-0054

Vulnerability from fkie_nvd - Published: 2009-01-16 21:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message.
References
psirt@cisco.comhttp://osvdb.org/51396
psirt@cisco.comhttp://secunia.com/advisories/33479
psirt@cisco.comhttp://securitytracker.com/id?1021593
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/33268
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0140
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/51396
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33479
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1021593
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33268
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0140
Impacted products
Vendor Product Version
cisco ironport_encryption_appliance 6.2.4
cisco ironport_encryption_appliance 6.2.4.1
cisco ironport_encryption_appliance 6.2.5
cisco ironport_encryption_appliance 6.2.6
cisco ironport_encryption_appliance 6.2.7
cisco ironport_encryption_appliance 6.2.7.1
cisco ironport_encryption_appliance 6.2.7.2
cisco ironport_encryption_appliance 6.2.7.3
cisco ironport_encryption_appliance 6.2.7.4
cisco ironport_encryption_appliance 6.2.7.5
cisco ironport_encryption_appliance 6.2.7.6
cisco ironport_encryption_appliance 6.3
cisco ironport_encryption_appliance 6.3.0.1
cisco ironport_encryption_appliance 6.3.0.2
cisco ironport_encryption_appliance 6.3.0.3
cisco ironport_encryption_appliance 6.5
cisco ironport_encryption_appliance 6.5.0.1
cisco ironport_postx 6.2.1
cisco ironport_postx 6.2.2
cisco ironport_postx 6.2.2.1
cisco ironport_postx 6.2.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E081B0DF-DBD9-4640-92CC-29920E2A50BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56BC79D-E974-4881-81E5-335FF216DFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7E4C7E-DECE-40B5-AAA4-15964F4EC762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686D0A4-85B4-4236-B09A-DA8B554A0523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message."
    },
    {
      "lang": "es",
      "value": "Cifrado PXE en Cisco IronPort Encryption Appliance v6.2.4 anterior a v6.2.4.1.1, v6.2.5, v6.2.6, v6.2.7 anterior a v6.2.7.7, v6.3 anterior a v6.3.0.4, y v6.5 anterior a v6.5.0.2; y Cisco IronPort PostX v6.2.1 anterior a v6.2.1.1 y v6.2.2 anterior a v6.2.2.3; permite a atacantes remotos capturar credenciales enga\u00f1ando al usuario para leer un mensaje de correo electr\u00f3nico modificado o manipulado."
    }
  ],
  "id": "CVE-2009-0054",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-01-16T21:30:03.437",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/51396"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1021593"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51396"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021593"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-0056

Vulnerability from fkie_nvd - Published: 2009-01-16 21:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.
References
psirt@cisco.comhttp://osvdb.org/51398
psirt@cisco.comhttp://secunia.com/advisories/33479
psirt@cisco.comhttp://securitytracker.com/id?1021594
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/33268
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0140
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/51398
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33479
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1021594
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33268
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0140
Impacted products
Vendor Product Version
cisco ironport_encryption_appliance 6.2.4
cisco ironport_encryption_appliance 6.2.4.1
cisco ironport_encryption_appliance 6.2.5
cisco ironport_encryption_appliance 6.2.6
cisco ironport_encryption_appliance 6.2.7
cisco ironport_encryption_appliance 6.2.7.1
cisco ironport_encryption_appliance 6.2.7.2
cisco ironport_encryption_appliance 6.2.7.3
cisco ironport_encryption_appliance 6.2.7.4
cisco ironport_encryption_appliance 6.2.7.5
cisco ironport_encryption_appliance 6.2.7.6
cisco ironport_encryption_appliance 6.3
cisco ironport_encryption_appliance 6.3.0.1
cisco ironport_encryption_appliance 6.3.0.2
cisco ironport_encryption_appliance 6.3.0.3
cisco ironport_encryption_appliance 6.5
cisco ironport_encryption_appliance 6.5.0.1
cisco ironport_postx 6.2.1
cisco ironport_postx 6.2.2
cisco ironport_postx 6.2.2.1
cisco ironport_postx 6.2.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E081B0DF-DBD9-4640-92CC-29920E2A50BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56BC79D-E974-4881-81E5-335FF216DFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7E4C7E-DECE-40B5-AAA4-15964F4EC762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686D0A4-85B4-4236-B09A-DA8B554A0523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en el interfaz de administraci\u00f3n en Cisco IronPort Encryption Appliance v6.2.4 anterior a v6.2.4.1.1, v6.2.5, v6.2.6, v6.2.7 anterior a v6.2.7.7, v6.3 anterior a v6.3.0.4, y v6.5 anterior a v6.5.0.2; y Cisco IronPort PostX v6.2.1 anterior a v6.2.1.1 y v6.2.2 anterior a v6.2.2.3; permite a atacantes remotos ejecutar comandos y modificar preferencias del dispositivo como usuarios de su elecci\u00f3n mediante una acci\u00f3n logout."
    }
  ],
  "id": "CVE-2009-0056",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-01-16T21:30:03.467",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/51398"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2010-0143 (GCVE-0-2010-0143)

Vulnerability from cvelistv5 – Published: 2010-02-11 17:00 – Updated: 2024-08-07 00:37
VLAI?
Summary
Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.cisco.com/en/US/products/products_appl… x_refsource_CONFIRM
http://secunia.com/advisories/38525 third-party-advisoryx_refsource_SECUNIA
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:53.883Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
          },
          {
            "name": "38525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38525"
          },
          {
            "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-02-26T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
        },
        {
          "name": "38525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38525"
        },
        {
          "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-0143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
            },
            {
              "name": "38525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38525"
            },
            {
              "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2010-0143",
    "datePublished": "2010-02-11T17:00:00",
    "dateReserved": "2010-01-04T00:00:00",
    "dateUpdated": "2024-08-07T00:37:53.883Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0145 (GCVE-0-2010-0145)

Vulnerability from cvelistv5 – Published: 2010-02-11 17:00 – Updated: 2024-08-07 00:37
VLAI?
Summary
Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.cisco.com/en/US/products/products_appl… x_refsource_CONFIRM
http://secunia.com/advisories/38525 third-party-advisoryx_refsource_SECUNIA
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:53.888Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
          },
          {
            "name": "38525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38525"
          },
          {
            "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-02-26T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
        },
        {
          "name": "38525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38525"
        },
        {
          "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-0145",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
            },
            {
              "name": "38525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38525"
            },
            {
              "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2010-0145",
    "datePublished": "2010-02-11T17:00:00",
    "dateReserved": "2010-01-04T00:00:00",
    "dateUpdated": "2024-08-07T00:37:53.888Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0144 (GCVE-0-2010-0144)

Vulnerability from cvelistv5 – Published: 2010-02-11 17:00 – Updated: 2024-08-07 00:37
VLAI?
Summary
Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.cisco.com/en/US/products/products_appl… x_refsource_CONFIRM
http://secunia.com/advisories/38525 third-party-advisoryx_refsource_SECUNIA
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:53.839Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
          },
          {
            "name": "38525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38525"
          },
          {
            "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-02-26T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
        },
        {
          "name": "38525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38525"
        },
        {
          "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-0144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
            },
            {
              "name": "38525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38525"
            },
            {
              "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2010-0144",
    "datePublished": "2010-02-11T17:00:00",
    "dateReserved": "2010-01-04T00:00:00",
    "dateUpdated": "2024-08-07T00:37:53.839Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0055 (GCVE-0-2009-0055)

Vulnerability from cvelistv5 – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33268 vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://osvdb.org/51397 vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/0140 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/33479 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021594 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "51397",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51397"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021594",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021594"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "51397",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51397"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021594",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021594"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0055",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "51397",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51397"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021594",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021594"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0055",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0054 (GCVE-0-2009-0054)

Vulnerability from cvelistv5 – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17
VLAI?
Summary
PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33268 vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://osvdb.org/51396 vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/0140 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/33479 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021593 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.520Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "51396",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51396"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021593",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021593"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "51396",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51396"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021593",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021593"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0054",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "51396",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51396"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021593",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021593"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0054",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0056 (GCVE-0-2009-0056)

Vulnerability from cvelistv5 – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33268 vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://osvdb.org/51398 vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/0140 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/33479 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021594 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.515Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "51398",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51398"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021594",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021594"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "51398",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51398"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021594",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021594"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0056",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "51398",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51398"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021594",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021594"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0056",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.515Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0053 (GCVE-0-2009-0053)

Vulnerability from cvelistv5 – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17
VLAI?
Summary
PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a "logic error."
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33268 vdb-entryx_refsource_BID
http://osvdb.org/51395 vdb-entryx_refsource_OSVDB
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://www.vupen.com/english/advisories/2009/0140 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/33479 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021593 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.421Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "51395",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51395"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021593",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021593"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a \"logic error.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "51395",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51395"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021593",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021593"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a \"logic error.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "51395",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51395"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021593",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021593"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0053",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0143 (GCVE-0-2010-0143)

Vulnerability from nvd – Published: 2010-02-11 17:00 – Updated: 2024-08-07 00:37
VLAI?
Summary
Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.cisco.com/en/US/products/products_appl… x_refsource_CONFIRM
http://secunia.com/advisories/38525 third-party-advisoryx_refsource_SECUNIA
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:53.883Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
          },
          {
            "name": "38525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38525"
          },
          {
            "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-02-26T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
        },
        {
          "name": "38525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38525"
        },
        {
          "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-0143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
            },
            {
              "name": "38525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38525"
            },
            {
              "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2010-0143",
    "datePublished": "2010-02-11T17:00:00",
    "dateReserved": "2010-01-04T00:00:00",
    "dateUpdated": "2024-08-07T00:37:53.883Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0145 (GCVE-0-2010-0145)

Vulnerability from nvd – Published: 2010-02-11 17:00 – Updated: 2024-08-07 00:37
VLAI?
Summary
Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.cisco.com/en/US/products/products_appl… x_refsource_CONFIRM
http://secunia.com/advisories/38525 third-party-advisoryx_refsource_SECUNIA
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:53.888Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
          },
          {
            "name": "38525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38525"
          },
          {
            "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-02-26T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
        },
        {
          "name": "38525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38525"
        },
        {
          "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-0145",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
            },
            {
              "name": "38525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38525"
            },
            {
              "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2010-0145",
    "datePublished": "2010-02-11T17:00:00",
    "dateReserved": "2010-01-04T00:00:00",
    "dateUpdated": "2024-08-07T00:37:53.888Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0144 (GCVE-0-2010-0144)

Vulnerability from nvd – Published: 2010-02-11 17:00 – Updated: 2024-08-07 00:37
VLAI?
Summary
Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.cisco.com/en/US/products/products_appl… x_refsource_CONFIRM
http://secunia.com/advisories/38525 third-party-advisoryx_refsource_SECUNIA
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:53.839Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
          },
          {
            "name": "38525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38525"
          },
          {
            "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-02-26T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
        },
        {
          "name": "38525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38525"
        },
        {
          "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-0144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html"
            },
            {
              "name": "38525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38525"
            },
            {
              "name": "20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b17903.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2010-0144",
    "datePublished": "2010-02-11T17:00:00",
    "dateReserved": "2010-01-04T00:00:00",
    "dateUpdated": "2024-08-07T00:37:53.839Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0055 (GCVE-0-2009-0055)

Vulnerability from nvd – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33268 vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://osvdb.org/51397 vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/0140 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/33479 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021594 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "51397",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51397"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021594",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021594"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "51397",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51397"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021594",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021594"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0055",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "51397",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51397"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021594",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021594"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0055",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0054 (GCVE-0-2009-0054)

Vulnerability from nvd – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17
VLAI?
Summary
PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33268 vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://osvdb.org/51396 vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/0140 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/33479 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021593 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.520Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "51396",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51396"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021593",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021593"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "51396",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51396"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021593",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021593"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0054",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "51396",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51396"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021593",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021593"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0054",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0056 (GCVE-0-2009-0056)

Vulnerability from nvd – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33268 vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://osvdb.org/51398 vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/0140 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/33479 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021594 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.515Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "51398",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51398"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021594",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021594"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "51398",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51398"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021594",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021594"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0056",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "51398",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51398"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021594",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021594"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0056",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.515Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0053 (GCVE-0-2009-0053)

Vulnerability from nvd – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17
VLAI?
Summary
PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a "logic error."
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33268 vdb-entryx_refsource_BID
http://osvdb.org/51395 vdb-entryx_refsource_OSVDB
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://www.vupen.com/english/advisories/2009/0140 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/33479 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021593 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.421Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "51395",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51395"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021593",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021593"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a \"logic error.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "51395",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51395"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021593",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021593"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a \"logic error.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "51395",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51395"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021593",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021593"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0053",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}