CVE-2009-0055 (GCVE-0-2009-0055)

Vulnerability from cvelistv5 – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:17

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://www.securityfocus.com/bid/33268	vdb-entryx_refsource_BID
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://osvdb.org/51397	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2009/0140	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/33479	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1021594	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33268",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "51397",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51397"
          },
          {
            "name": "ADV-2009-0140",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021594",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021594"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-27T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "33268",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33268"
        },
        {
          "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
        },
        {
          "name": "51397",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51397"
        },
        {
          "name": "ADV-2009-0140",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0140"
        },
        {
          "name": "33479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33479"
        },
        {
          "name": "1021594",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021594"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0055",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "51397",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51397"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "1021594",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021594"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0055",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3CAA06A-C849-49B9-B6B7-7E3BF41F705C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6539D9D7-E3DF-475C-B53D-CF11220FBA27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7486F8C6-F2E5-4790-BA3A-FA36CF7A8704\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1262F096-DB00-4D52-894D-3BA812AEF570\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"097FCF52-65CF-4AF5-97BC-8B310610DFB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8A0A514-959C-4017-B0AB-AFC9D0A979E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A06BEC91-C3A6-4590-94A7-EA783A12ABF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90A1B821-0FDD-40C8-93FA-06BB895E83D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9EF0B9B-B5D9-4F2D-A4E9-24349747435A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E081B0DF-DBD9-4640-92CC-29920E2A50BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C56BC79D-E974-4881-81E5-335FF216DFA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C7E4C7E-DECE-40B5-AAA4-15964F4EC762\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4686D0A4-85B4-4236-B09A-DA8B554A0523\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CF6D489-B7EA-4705-B136-6B96CC179046\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"391503D9-FE43-4A34-A67D-AB3B52996FA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BACB1F5F-542E-44B2-AF54-6D61294E57A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EA0DB42-01D6-4B14-934B-23C11CB8D062\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A66E714E-6414-4B3F-ABFB-8DE44F3E7065\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de falsificaci\\u00f3n de petici\\u00f3n en sitios cruzados (CSRF) en el interfaz de administraci\\u00f3n en Cisco IronPort Encryption Appliance v6.2.4 anterior a v6.2.4.1.1, v6.2.5, v6.2.6, v6.2.7 anterior a v6.2.7.7, v6.3 anterior a v6.3.0.4, y v6.5 anterior a v6.5.0.2; y Cisco IronPort PostX v6.2.1 anterior a v6.2.1.1 y v6.2.2 anterior a v6.2.2.3; permite a atacantes remotos modificar preferencias del dispositivo como usuarios de su elecci\\u00f3n mediante vectores no especificados.\"}]",
      "id": "CVE-2009-0055",
      "lastModified": "2024-11-21T00:58:57.743",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2009-01-16T21:30:03.453",
      "references": "[{\"url\": \"http://osvdb.org/51397\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://secunia.com/advisories/33479\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://securitytracker.com/id?1021594\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/33268\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/0140\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://osvdb.org/51397\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/33479\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1021594\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/33268\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/0140\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-0055\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2009-01-16T21:30:03.453\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en el interfaz de administraci\u00f3n en Cisco IronPort Encryption Appliance v6.2.4 anterior a v6.2.4.1.1, v6.2.5, v6.2.6, v6.2.7 anterior a v6.2.7.7, v6.3 anterior a v6.3.0.4, y v6.5 anterior a v6.5.0.2; y Cisco IronPort PostX v6.2.1 anterior a v6.2.1.1 y v6.2.2 anterior a v6.2.2.3; permite a atacantes remotos modificar preferencias del dispositivo como usuarios de su elecci\u00f3n mediante vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3CAA06A-C849-49B9-B6B7-7E3BF41F705C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6539D9D7-E3DF-475C-B53D-CF11220FBA27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7486F8C6-F2E5-4790-BA3A-FA36CF7A8704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1262F096-DB00-4D52-894D-3BA812AEF570\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"097FCF52-65CF-4AF5-97BC-8B310610DFB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8A0A514-959C-4017-B0AB-AFC9D0A979E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A06BEC91-C3A6-4590-94A7-EA783A12ABF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90A1B821-0FDD-40C8-93FA-06BB895E83D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9EF0B9B-B5D9-4F2D-A4E9-24349747435A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E081B0DF-DBD9-4640-92CC-29920E2A50BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C56BC79D-E974-4881-81E5-335FF216DFA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C7E4C7E-DECE-40B5-AAA4-15964F4EC762\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4686D0A4-85B4-4236-B09A-DA8B554A0523\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CF6D489-B7EA-4705-B136-6B96CC179046\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"391503D9-FE43-4A34-A67D-AB3B52996FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BACB1F5F-542E-44B2-AF54-6D61294E57A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EA0DB42-01D6-4B14-934B-23C11CB8D062\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A66E714E-6414-4B3F-ABFB-8DE44F3E7065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/51397\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://secunia.com/advisories/33479\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://securitytracker.com/id?1021594\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33268\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/0140\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://osvdb.org/51397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/33479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1021594\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33268\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/0140\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2009-0055

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-0055

Aliases

CVE-2009-0055

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0055",
    "description": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.",
    "id": "GSD-2009-0055"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0055"
      ],
      "details": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.",
      "id": "GSD-2009-0055",
      "modified": "2023-12-13T01:19:43.958446Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2009-0055",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "33268",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33268"
          },
          {
            "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
          },
          {
            "name": "51397",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/51397"
          },
          {
            "name": "ADV-2009-0140",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/0140"
          },
          {
            "name": "33479",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/33479"
          },
          {
            "name": "1021594",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1021594"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0055"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33268",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/33268"
            },
            {
              "name": "20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
            },
            {
              "name": "1021594",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1021594"
            },
            {
              "name": "33479",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/33479"
            },
            {
              "name": "51397",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/51397"
            },
            {
              "name": "ADV-2009-0140",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/0140"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2011-03-08T03:17Z",
      "publishedDate": "2009-01-16T21:30Z"
    }
  }
}

GHSA-VRCV-X9C3-49FM

Vulnerability from github – Published: 2022-05-02 03:12 – Updated: 2022-05-02 03:12

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0055"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-01-16T21:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.",
  "id": "GHSA-vrcv-x9c3-49fm",
  "modified": "2022-05-02T03:12:36Z",
  "published": "2022-05-02T03:12:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0055"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/51397"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2009-0055

Vulnerability from fkie_nvd - Published: 2009-01-16 21:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://osvdb.org/51397
psirt@cisco.com	http://secunia.com/advisories/33479
psirt@cisco.com	http://securitytracker.com/id?1021594
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/33268
psirt@cisco.com	http://www.vupen.com/english/advisories/2009/0140
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/51397
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33479
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021594
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33268
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0140

Impacted products

Vendor	Product	Version
cisco	ironport_encryption_appliance	6.2.4
cisco	ironport_encryption_appliance	6.2.4.1
cisco	ironport_encryption_appliance	6.2.5
cisco	ironport_encryption_appliance	6.2.6
cisco	ironport_encryption_appliance	6.2.7
cisco	ironport_encryption_appliance	6.2.7.1
cisco	ironport_encryption_appliance	6.2.7.2
cisco	ironport_encryption_appliance	6.2.7.3
cisco	ironport_encryption_appliance	6.2.7.4
cisco	ironport_encryption_appliance	6.2.7.5
cisco	ironport_encryption_appliance	6.2.7.6
cisco	ironport_encryption_appliance	6.3
cisco	ironport_encryption_appliance	6.3.0.1
cisco	ironport_encryption_appliance	6.3.0.2
cisco	ironport_encryption_appliance	6.3.0.3
cisco	ironport_encryption_appliance	6.5
cisco	ironport_encryption_appliance	6.5.0.1
cisco	ironport_postx	6.2.1
cisco	ironport_postx	6.2.2
cisco	ironport_postx	6.2.2.1
cisco	ironport_postx	6.2.2.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E081B0DF-DBD9-4640-92CC-29920E2A50BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56BC79D-E974-4881-81E5-335FF216DFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7E4C7E-DECE-40B5-AAA4-15964F4EC762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686D0A4-85B4-4236-B09A-DA8B554A0523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en el interfaz de administraci\u00f3n en Cisco IronPort Encryption Appliance v6.2.4 anterior a v6.2.4.1.1, v6.2.5, v6.2.6, v6.2.7 anterior a v6.2.7.7, v6.3 anterior a v6.3.0.4, y v6.5 anterior a v6.5.0.2; y Cisco IronPort PostX v6.2.1 anterior a v6.2.1.1 y v6.2.2 anterior a v6.2.2.3; permite a atacantes remotos modificar preferencias del dispositivo como usuarios de su elecci\u00f3n mediante vectores no especificados."
    }
  ],
  "id": "CVE-2009-0055",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-01-16T21:30:03.453",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/51397"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2009-AVI-016

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités présentes dans Cisco IronPort permettent à un utilisateur distant de porter atteinte à la confidentialité de certaines données ou de réaliser des attaques de type injection de code indirecte.

Description

Plusieurs vulnérabilités sont présentes dans Cisco IronPort :

la première permet à un utilisateur distant d'obtenir la clef de déchiffrement d'un message ne lui étant pas destiné et ainsi de consulter son contenu ;
la deuxième, de nature non précisée par l'éditeur, permet également à un utilisateur distant malintentionné d'obtenir les identifiants d'un autre utilisateur ainsi que le contenu « en clair » de ses messages chiffrés.
la dernière vulnérabilité est relative à l'interface d'administration du produit qui présente une faille de type injection de code indirecte. Elle permet à un utilisateur distant malintentionné de modifier à l'insu d'un utilisateur cible les données de son profil, y compris ses identifiants de connexion, par le biais d'une page web construite de façon particulière.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/ 6.3 antérieures à la 6.3.0.4 ;
Cisco	N/A	Toutes les versions de Cisco PostX 6.2.1 antérieures à la 6.2.1.1 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.6 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.7 antérieures à la 6.2.7.7 ;
Cisco	N/A	toutes les versions de Cisco PostX 6.2.2 antérieures à la 6.2.2.3 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.5 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.4 antérieures à la 6.2.4.1.1 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance 6.5 antérieures à la 6.5.0.1.

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco #109329 du 14 janvier 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/ 6.3 ant\u00e9rieures \u00e0 la 6.3.0.4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Toutes les versions de Cisco PostX 6.2.1 ant\u00e9rieures \u00e0 la 6.2.1.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.7 ant\u00e9rieures \u00e0 la 6.2.7.7 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco PostX 6.2.2 ant\u00e9rieures \u00e0 la 6.2.2.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.4 ant\u00e9rieures \u00e0 la 6.2.4.1.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance 6.5 ant\u00e9rieures \u00e0 la 6.5.0.1.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Cisco IronPort :\n\n-   la premi\u00e8re permet \u00e0 un utilisateur distant d\u0027obtenir la clef de\n    d\u00e9chiffrement d\u0027un message ne lui \u00e9tant pas destin\u00e9 et ainsi de\n    consulter son contenu ;\n-   la deuxi\u00e8me, de nature non pr\u00e9cis\u00e9e par l\u0027\u00e9diteur, permet \u00e9galement\n    \u00e0 un utilisateur distant malintentionn\u00e9 d\u0027obtenir les identifiants\n    d\u0027un autre utilisateur ainsi que le contenu \u00ab en clair \u00bb de ses\n    messages chiffr\u00e9s.\n-   la derni\u00e8re vuln\u00e9rabilit\u00e9 est relative \u00e0 l\u0027interface\n    d\u0027administration du produit qui pr\u00e9sente une faille de type\n    injection de code indirecte. Elle permet \u00e0 un utilisateur distant\n    malintentionn\u00e9 de modifier \u00e0 l\u0027insu d\u0027un utilisateur cible les\n    donn\u00e9es de son profil, y compris ses identifiants de connexion, par\n    le biais d\u0027une page web construite de fa\u00e7on particuli\u00e8re.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0055"
    },
    {
      "name": "CVE-2009-0056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0056"
    },
    {
      "name": "CVE-2009-0053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0053"
    },
    {
      "name": "CVE-2009-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0054"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-016",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2009-01-15T00:00:00.000000"
    },
    {
      "description": "correction des versions affect\u00e9es pour les versions 6.3 et 6.5.",
      "revision_date": "2009-01-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte ( cross-site scripting )"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Cisco IronPort permettent \u00e0 un\nutilisateur distant de porter atteinte \u00e0 la confidentialit\u00e9 de certaines\ndonn\u00e9es ou de r\u00e9aliser des attaques de type injection de code indirecte.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco IronPort",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco #109329 du 14 janvier 2009",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20090114-ironport.shtml"
    }
  ]
}

CERTA-2009-AVI-016

Vulnerability from certfr_avis - Published: - Updated:

Description

Plusieurs vulnérabilités sont présentes dans Cisco IronPort :

la première permet à un utilisateur distant d'obtenir la clef de déchiffrement d'un message ne lui étant pas destiné et ainsi de consulter son contenu ;
la deuxième, de nature non précisée par l'éditeur, permet également à un utilisateur distant malintentionné d'obtenir les identifiants d'un autre utilisateur ainsi que le contenu « en clair » de ses messages chiffrés.
la dernière vulnérabilité est relative à l'interface d'administration du produit qui présente une faille de type injection de code indirecte. Elle permet à un utilisateur distant malintentionné de modifier à l'insu d'un utilisateur cible les données de son profil, y compris ses identifiants de connexion, par le biais d'une page web construite de façon particulière.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/ 6.3 antérieures à la 6.3.0.4 ;
Cisco	N/A	Toutes les versions de Cisco PostX 6.2.1 antérieures à la 6.2.1.1 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.6 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.7 antérieures à la 6.2.7.7 ;
Cisco	N/A	toutes les versions de Cisco PostX 6.2.2 antérieures à la 6.2.2.3 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.5 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.4 antérieures à la 6.2.4.1.1 ;
Cisco	N/A	toutes les versions de Cisco IronPort Encrytion Appliance 6.5 antérieures à la 6.5.0.1.

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco #109329 du 14 janvier 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/ 6.3 ant\u00e9rieures \u00e0 la 6.3.0.4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Toutes les versions de Cisco PostX 6.2.1 ant\u00e9rieures \u00e0 la 6.2.1.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.7 ant\u00e9rieures \u00e0 la 6.2.7.7 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco PostX 6.2.2 ant\u00e9rieures \u00e0 la 6.2.2.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance/PostX 6.2.4 ant\u00e9rieures \u00e0 la 6.2.4.1.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Cisco IronPort Encrytion Appliance 6.5 ant\u00e9rieures \u00e0 la 6.5.0.1.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Cisco IronPort :\n\n-   la premi\u00e8re permet \u00e0 un utilisateur distant d\u0027obtenir la clef de\n    d\u00e9chiffrement d\u0027un message ne lui \u00e9tant pas destin\u00e9 et ainsi de\n    consulter son contenu ;\n-   la deuxi\u00e8me, de nature non pr\u00e9cis\u00e9e par l\u0027\u00e9diteur, permet \u00e9galement\n    \u00e0 un utilisateur distant malintentionn\u00e9 d\u0027obtenir les identifiants\n    d\u0027un autre utilisateur ainsi que le contenu \u00ab en clair \u00bb de ses\n    messages chiffr\u00e9s.\n-   la derni\u00e8re vuln\u00e9rabilit\u00e9 est relative \u00e0 l\u0027interface\n    d\u0027administration du produit qui pr\u00e9sente une faille de type\n    injection de code indirecte. Elle permet \u00e0 un utilisateur distant\n    malintentionn\u00e9 de modifier \u00e0 l\u0027insu d\u0027un utilisateur cible les\n    donn\u00e9es de son profil, y compris ses identifiants de connexion, par\n    le biais d\u0027une page web construite de fa\u00e7on particuli\u00e8re.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0055"
    },
    {
      "name": "CVE-2009-0056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0056"
    },
    {
      "name": "CVE-2009-0053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0053"
    },
    {
      "name": "CVE-2009-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0054"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-016",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2009-01-15T00:00:00.000000"
    },
    {
      "description": "correction des versions affect\u00e9es pour les versions 6.3 et 6.5.",
      "revision_date": "2009-01-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte ( cross-site scripting )"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Cisco IronPort permettent \u00e0 un\nutilisateur distant de porter atteinte \u00e0 la confidentialit\u00e9 de certaines\ndonn\u00e9es ou de r\u00e9aliser des attaques de type injection de code indirecte.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco IronPort",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco #109329 du 14 janvier 2009",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20090114-ironport.shtml"
    }
  ]
}

VAR-200901-0304

Vulnerability from variot - Updated: 2023-12-18 12:23

Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors. Attackers may exploit these issues to obtain sensitive information, including user passwords, or to modify user information through the web administration interface. This may aid in further attacks. IronPort series products are widely used email encryption gateways, which can seamlessly complete the encryption, decryption and digital signature of confidential emails. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities

Advisory ID: cisco-sa-20090114-ironport

Revision 1.0

For Public Release 2009 January 14 1600 UTC (GMT)

+---------------------------------------------------------------------

Summary

IronPort PXE Encryption is an e-mail encryption solution that is designed to secure e-mail communications without the need for a Public Key Infrastructure (PKI) or special agents on receiving systems. When an e-mail message is targeted for encryption, the PXE encryption engine on an IronPort e-mail gateway encrypts the original e-mail message as an HTML file and attaches it to a notification e-mail message that is sent to the recipient. The per-message key used to decrypt the HTML file attachment is stored on a local IronPort Encryption Appliance, PostX software installation or the Cisco Registered Envelope Service, which is a Cisco-managed software service.

PXE Encryption Privacy Vulnerabilities +-------------------------------------

The IronPort PXE Encryption solution is affected by two vulnerabilities that could allow unauthorized individuals to view the contents of secure e-mail messages. To exploit the vulnerabilities, attackers must first intercept secure e-mail messages on the network or via a compromised e-mail account. These vulnerabilities do not affect Cisco Registered Envelope Service users.

Cisco has released free software updates that address these vulnerabilities. There are no workarounds for the vulnerabilities that are described in this advisory.

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20090114-ironport.shtml

Affected Products

Vulnerable Products +------------------

The following IronPort Encryption Appliance/PostX versions are affected by these vulnerabilities:

All PostX 6.2.1 versions prior to 6.2.1.1
All PostX 6.2.2 versions prior to 6.2.2.3
All IronPort Encryption Appliance/PostX 6.2.4 versions prior to 6.2.4.1.1
All IronPort Encryption Appliance/PostX 6.2.5 versions
All IronPort Encryption Appliance/PostX 6.2.6 versions
All IronPort Encryption Appliance/PostX 6.2.7 versions prior to 6.2.7.7
All IronPort Encryption Appliance 6.3 versions prior to 6.3.0.4
All IronPort Encryption Appliance 6.5 versions prior to 6.5.0.2

The version of software that is running on an IronPort Encryption Appliance is located on the About page of the IronPort Encryption Appliance administration interface.

Note: Customers should contact IronPort support to determine which software fixes are applicable for their environment. Please consult the Obtaining Fixed Software section of this advisory for more information.

Products Confirmed Not Vulnerable +--------------------------------

IronPort C, M and S-Series appliances are not affected by these vulnerabilities. Although C-Series appliances can be configured to use a local IronPort Encryption Appliance for per-message key retention, the C-Series appliances are not vulnerable. The Cisco Registered Envelope Service is not vulnerable.

No other Cisco products are currently known to be affected by these vulnerabilities.

Details

Note: IronPort tracks bugs using an internal system that is not available to customers. The IronPort bug tracking identifiers are provided for reference only.

PXE Encryption Privacy Vulnerabilities +-------------------------------------

Individual PXE Encryption users are vulnerable to two message privacy vulnerabilities that could allow an attacker to gain access to sensitive information. All the vulnerabilities require an attacker to first intercept a secure e-mail message as a condition for successful exploitation. Attackers can obtain secure e-mail messages by monitoring a network or a compromised user e-mail account.

The IronPort Encryption Appliance contains a logic error that could allow an attacker to obtain the unique, per-message decryption key that is used to protect the content of an intercepted secure e-mail message without user interaction. Using the decryption key, an attacker could decrypt the contents of the secure e-mail message. This vulnerability is documented in IronPort bug 8062 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2009-0053.

By modifying the contents of intercepted secure e-mail messages or by forging a close copy of the e-mail message, it may be possible for an attacker to convince a user to view a modified secure e-mail message and then cause the exposure of the user's credentials and message content. Please see the Workarounds section for more information on mitigations available to reduce exposure to these phishing-style attacks. This vulnerability is documented in IronPort bug 8149 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2009-0054. Exploitation of the vulnerability will not allow an attacker to change a user's password. This vulnerability is documented in IronPort bug 5806 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2009-0055. Exploitation of the vulnerability will not allow an attacker to change a user's password. This vulnerability is documented in IronPort bug 6403 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2009-0056.

Vulnerability Scoring Details

Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding CVSS at:

http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:

http://intellishield.cisco.com/security/alertmanager/cvss

PXE Encryption Message Decryption Vulnerability - IronPort Bug 8062

CVSS Base Score - 7.1 Access Vector - Network Access Complexity - Medium Authentication - None Confidentiality Impact - Complete Integrity Impact - None Availability Impact - None

CVSS Temporal Score - 5.9 Exploitability - Functional Remediation Level - Official Fix Report Confidence - Confirmed

PXE Encryption Phishing Vulnerabilities - IronPort Bug 8149

CVSS Base Score - 6.1 Access Vector - Network Access Complexity - High Authentication - None Confidentiality Impact - Complete Integrity Impact - Partial Availability Impact - None

CVSS Temporal Score - 5 Exploitability - Functional Remediation Level - Official Fix Report Confidence - Confirmed

IronPort Encryption Appliance CSRF Vulnerability - IronPort Bug 5806

CVSS Base Score - 5.8 Access Vector - Network Access Complexity - Medium Authentication - None Confidentiality Impact - Partial Integrity Impact - Partial Availability Impact - None

CVSS Temporal Score - 4.8 Exploitability - Functional Remediation Level - Official Fix Report Confidence - Confirmed

IronPort Encryption Appliance Logout Action CSRF Vulnerability - IronPort Bug 6403

CVSS Base Score - 5.8 Access Vector - Network Access Complexity - Medium Authentication - None Confidentiality Impact - Partial Integrity Impact - Partial Availability Impact - None

CVSS Temporal Score - 4.8 Exploitability - Functional Remediation Level - Official Fix Report Confidence - Confirmed

Impact

PXE Encryption Privacy Vulnerabilities +-------------------------------------

Successful exploitation of these vulnerabilities could allow an attacker to obtain user credentials and view the contents of intercepted secure e-mail messages, which could result in the disclosure of sensitive information.

Software Versions and Fixes

When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.

Workarounds

There are no workarounds for the vulnerabilities that are described in this advisory.

There are mitigations available to help prevent exploitation of the PXE Encryption phishing-style vulnerability. Phishing attacks can be greatly reduced if DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) are implemented on IronPort e-mail gateways to help ensure message integrity and source origin. Additionally, the PXE Encryption solution contains an anti-phishing Secure Pass Phrase feature to ensure that secure notification e-mail messages are valid. This feature is enabled by recipients when configuring their PXE user profile. Cisco has released a best practices document that describes several techniques to mitigate against the phishing-style attacks that is available at the following link:

http://www.cisco.com/web/about/security/intelligence/bpiron.html

Obtaining Fixed Software

Cisco has released free software updates that address these vulnerabilities. The affected products in this advisory are directly supported by IronPort, and not via the Cisco TAC organization. Customers should contact IronPort technical support at the link below to obtain software fixes. IronPort technical support will assist customers in determining the correct fixes and installation procedures. Customers should direct all warranty questions to IronPort technical support.

Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.

http://www.ironport.com/support/contact_support.html

Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

J.B. Snyder of Brintech reported a method for obtaining PXE Encryption user credentials via a phishing-style attack to Cisco.

All other vulnerabilities were discovered by Cisco or reported by customers.

Status of this Notice: FINAL

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.

Distribution

This advisory is posted on Cisco's worldwide website at:

http://www.cisco.com/warp/public/707/cisco-sa-20090114-ironport.shtml

In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.

cust-security-announce@cisco.com
first-bulletins@lists.first.org
bugtraq@securityfocus.com
vulnwatch@vulnwatch.org
cisco@spot.colorado.edu
cisco-nsp@puck.nether.net
full-disclosure@lists.grok.org.uk
comp.dcom.sys.cisco@newsgate.cisco.com

Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.

Revision History

Cisco Security Procedures

Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at:

http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (SunOS)

iD8DBQFJbhoo86n/Gc8U/uARAjuxAJ4oLc1JjS7N9728Ueb6JB7Y2LVJtACfaSfA A6WIz481vajHya3jIlp+/Xc= =cFJ6 -----END PGP SIGNATURE----- . ----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list?

Click here to learn more: http://secunia.com/advisories/business_solutions/

TITLE: Cisco IronPort Products Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA33479

VERIFY ADVISORY: http://secunia.com/advisories/33479/

CRITICAL: Moderately critical

IMPACT: Cross Site Scripting, Exposure of sensitive information

WHERE:

From remote

OPERATING SYSTEM: Cisco IronPort Encryption Appliance 6.x http://secunia.com/advisories/product/20990/

SOFTWARE: Cisco IronPort PostX 6.x http://secunia.com/advisories/product/20991/

DESCRIPTION: Some vulnerabilities have been reported in Cisco IronPort products, which can be exploited by malicious people to disclose sensitive information or conduct cross-site request forgery attacks.

3) The web-based administration interface allows user to perform certain actions via HTTP request without performing any validity checks to verify the requests. This can be exploited to e.g. http://www.ironport.com/support/contact_support.html

PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits J.B. Snyder of Brintech

ORIGINAL ADVISORY: Cisco (cisco-sa-20090114-ironport): http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200901-0304",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "cisco",
        "version": "6.2.6"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "cisco",
        "version": "6.2.5"
      },
      {
        "model": "ironport postx",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "6.2.2"
      },
      {
        "model": "ironport postx",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "6.2.1"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "6.5"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "6.3"
      },
      {
        "model": "ironport postx",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.2.2.1"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.3.0.2"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.3.0.1"
      },
      {
        "model": "ironport postx",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.2.2.2"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.5.0.1"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.3.0.3"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "6.2.7"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "6.2.4"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.7.2"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.7.4"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.4.1"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.7.1"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.7.5"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.7.6"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.7.3"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.2.4 - 6.2.4.1.1"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.2.7 - 6.2.7.7"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.3 - 6.3.0.4"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.5 - 6.5.0.2"
      },
      {
        "model": "ironport postx",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.2.1 - 6.2.1.1"
      },
      {
        "model": "ironport postx",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.2.2 - 6.2.2.3"
      },
      {
        "model": "ironport postx",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.2.23"
      },
      {
        "model": "ironport postx",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.2.11"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.52"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.34"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.2.77"
      },
      {
        "model": "ironport encryption appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.2.41"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "33268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-0055"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "J.B. Snyder",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2009-0055",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2009-0055",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-37501",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2009-0055",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200901-208",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-37501",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors. \nAttackers may exploit these issues to obtain sensitive information, including user passwords, or to modify user information through the web administration interface. This may aid in further attacks. IronPort series products are widely used email encryption gateways, which can seamlessly complete the encryption, decryption and digital signature of confidential emails. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: IronPort Encryption Appliance / PostX and\n                         PXE Encryption Vulnerabilities\n\nAdvisory ID: cisco-sa-20090114-ironport\n\nRevision 1.0\n\nFor Public Release 2009 January 14 1600 UTC (GMT)\n\n+---------------------------------------------------------------------\n\nSummary\n=======\n\nIronPort PXE Encryption is an e-mail encryption solution that is\ndesigned to secure e-mail communications without the need for a\nPublic Key Infrastructure (PKI) or special agents on receiving\nsystems. When an e-mail message is targeted for encryption, the PXE\nencryption engine on an IronPort e-mail gateway encrypts the original\ne-mail message as an HTML file and attaches it to a notification\ne-mail message that is sent to the recipient. The per-message key\nused to decrypt the HTML file attachment is stored on a local\nIronPort Encryption Appliance, PostX software installation or the\nCisco Registered Envelope Service, which is a Cisco-managed software\nservice. \n\nPXE Encryption Privacy Vulnerabilities\n+-------------------------------------\n\nThe IronPort PXE Encryption solution is affected by two\nvulnerabilities that could allow unauthorized individuals to view the\ncontents of secure e-mail messages. To exploit the vulnerabilities,\nattackers must first intercept secure e-mail messages on the network\nor via a compromised e-mail account. These vulnerabilities do not affect Cisco Registered\nEnvelope Service users. \n\nCisco has released free software updates that address these\nvulnerabilities. There are no workarounds for the vulnerabilities\nthat are described in this advisory. \n\nThis advisory is posted at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20090114-ironport.shtml\n\nAffected Products\n=================\n\nVulnerable Products\n+------------------\n\nThe following IronPort Encryption Appliance/PostX versions are\naffected by these vulnerabilities:\n\n  * All PostX 6.2.1 versions prior to 6.2.1.1\n  * All PostX 6.2.2 versions prior to 6.2.2.3\n  * All IronPort Encryption Appliance/PostX 6.2.4 versions prior to 6.2.4.1.1\n  * All IronPort Encryption Appliance/PostX 6.2.5 versions\n  * All IronPort Encryption Appliance/PostX 6.2.6 versions\n  * All IronPort Encryption Appliance/PostX 6.2.7 versions prior to 6.2.7.7\n  * All IronPort Encryption Appliance 6.3 versions prior to 6.3.0.4\n  * All IronPort Encryption Appliance 6.5 versions prior to 6.5.0.2\n\nThe version of software that is running on an IronPort Encryption\nAppliance is located on the About page of the IronPort Encryption\nAppliance administration interface. \n\nNote: Customers should contact IronPort support to determine which\nsoftware fixes are applicable for their environment. Please consult\nthe Obtaining Fixed Software section of this advisory for more\ninformation. \n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nIronPort C, M and S-Series appliances are not affected by these\nvulnerabilities. Although C-Series appliances can be configured to\nuse a local IronPort Encryption Appliance for per-message key\nretention, the C-Series appliances are not vulnerable. The Cisco\nRegistered Envelope Service is not vulnerable. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nNote: IronPort tracks bugs using an internal system that is not\navailable to customers. The IronPort bug tracking identifiers are\nprovided for reference only. \n\nPXE Encryption Privacy Vulnerabilities\n+-------------------------------------\n\nIndividual PXE Encryption users are vulnerable to two message privacy\nvulnerabilities that could allow an attacker to gain access to\nsensitive information. All the vulnerabilities require an attacker to\nfirst intercept a secure e-mail message as a condition for successful\nexploitation. Attackers can obtain secure e-mail messages by\nmonitoring a network or a compromised user e-mail account. \n\nThe IronPort Encryption Appliance contains a logic error that could\nallow an attacker to obtain the unique, per-message decryption key\nthat is used to protect the content of an intercepted secure e-mail\nmessage without user interaction. Using the decryption key, an\nattacker could decrypt the contents of the secure e-mail message. \nThis vulnerability is documented in IronPort bug 8062 and has been\nassigned Common Vulnerabilities and Exposures (CVE) identifier\nCVE-2009-0053. \n\nBy modifying the contents of intercepted secure e-mail messages or by\nforging a close copy of the e-mail message, it may be possible for an\nattacker to convince a user to view a modified secure e-mail message\nand then cause the exposure of the user\u0027s credentials and message\ncontent. Please see the Workarounds section for more information on\nmitigations available to reduce exposure to these phishing-style\nattacks. This vulnerability is documented in IronPort bug 8149 and\nhas been assigned Common Vulnerabilities and Exposures (CVE)\nidentifier CVE-2009-0054. Exploitation of the vulnerability will not\nallow an attacker to change a user\u0027s password. This vulnerability is\ndocumented in IronPort bug 5806 and has been assigned Common\nVulnerabilities and Exposures (CVE) identifier CVE-2009-0055. Exploitation of the vulnerability will not allow an\nattacker to change a user\u0027s password. This vulnerability is\ndocumented in IronPort bug 6403 and has been assigned Common\nVulnerabilities and Exposures (CVE) identifier CVE-2009-0056. \n\nVulnerability Scoring Details\n=============================\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\nPXE Encryption Message Decryption Vulnerability - IronPort Bug 8062\n\nCVSS Base Score - 7.1\n    Access Vector - Network\n    Access Complexity - Medium\n    Authentication - None\n    Confidentiality Impact - Complete\n    Integrity Impact - None\n    Availability Impact - None\n\nCVSS Temporal Score - 5.9\n    Exploitability - Functional\n    Remediation Level - Official Fix\n    Report Confidence - Confirmed\n\nPXE Encryption Phishing Vulnerabilities - IronPort Bug 8149\n\nCVSS Base Score - 6.1\n    Access Vector - Network\n    Access Complexity - High\n    Authentication - None\n    Confidentiality Impact - Complete\n    Integrity Impact - Partial\n    Availability Impact - None\n\nCVSS Temporal Score - 5\n    Exploitability - Functional\n    Remediation Level - Official Fix\n    Report Confidence - Confirmed\n\nIronPort Encryption Appliance CSRF Vulnerability - IronPort Bug 5806\n\nCVSS Base Score - 5.8\n    Access Vector - Network\n    Access Complexity - Medium\n    Authentication - None\n    Confidentiality Impact - Partial\n    Integrity Impact - Partial\n    Availability Impact - None\n\nCVSS Temporal Score - 4.8\n    Exploitability - Functional\n    Remediation Level - Official Fix\n    Report Confidence - Confirmed\n\nIronPort Encryption Appliance Logout Action CSRF Vulnerability - IronPort Bug 6403\n\nCVSS Base Score - 5.8\n    Access Vector - Network\n    Access Complexity - Medium\n    Authentication - None\n    Confidentiality Impact - Partial\n    Integrity Impact - Partial\n    Availability Impact - None\n\nCVSS Temporal Score - 4.8\n    Exploitability - Functional\n    Remediation Level - Official Fix\n    Report Confidence - Confirmed\n\nImpact\n======\n\nPXE Encryption Privacy Vulnerabilities\n+-------------------------------------\n\nSuccessful exploitation of these vulnerabilities could allow an\nattacker to obtain user credentials and view the contents of\nintercepted secure e-mail messages, which could result in the\ndisclosure of sensitive information. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult\nhttp://www.cisco.com/go/psirt and any subsequent advisories to determine\nexposure and a complete upgrade solution. \n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities that are described\nin this advisory. \n\nThere are mitigations available to help prevent exploitation of the\nPXE Encryption phishing-style vulnerability. Phishing attacks can be\ngreatly reduced if DomainKeys Identified Mail (DKIM) and Sender\nPolicy Framework (SPF) are implemented on IronPort e-mail gateways to\nhelp ensure message integrity and source origin. Additionally, the\nPXE Encryption solution contains an anti-phishing Secure Pass Phrase\nfeature to ensure that secure notification e-mail messages are valid. \nThis feature is enabled by recipients when configuring their PXE user\nprofile. Cisco has released a best practices document that describes\nseveral techniques to mitigate against the phishing-style attacks\nthat is available at the following link:\n\nhttp://www.cisco.com/web/about/security/intelligence/bpiron.html\n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. The affected products in this advisory are directly\nsupported by IronPort, and not via the Cisco TAC organization. \nCustomers should contact IronPort technical support at the link below\nto obtain software fixes. IronPort technical support will assist\ncustomers in determining the correct fixes and installation\nprocedures. Customers should direct all warranty questions to\nIronPort technical support. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nhttp://www.ironport.com/support/contact_support.html\n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerabilities that are described in this advisory. \n\nJ.B. Snyder of Brintech reported a method for obtaining PXE\nEncryption user credentials via a phishing-style attack to Cisco. \n\nAll other vulnerabilities were discovered by Cisco or reported by\ncustomers. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20090114-ironport.shtml\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. \n\n  * cust-security-announce@cisco.com\n  * first-bulletins@lists.first.org\n  * bugtraq@securityfocus.com\n  * vulnwatch@vulnwatch.org\n  * cisco@spot.colorado.edu\n  * cisco-nsp@puck.nether.net\n  * full-disclosure@lists.grok.org.uk\n  * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\nRevision History\n================\n\n+---------------------------------------+\n| Revision |                 | Initial  |\n| 1.0      | 2009-January-14 | public   |\n|          |                 | release  |\n+---------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html\n\nThis includes instructions for press inquiries regarding Cisco security notices. \nAll Cisco security advisories are available at:\n\nhttp://www.cisco.com/go/psirt\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (SunOS)\n\niD8DBQFJbhoo86n/Gc8U/uARAjuxAJ4oLc1JjS7N9728Ueb6JB7Y2LVJtACfaSfA\nA6WIz481vajHya3jIlp+/Xc=\n=cFJ6\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nDid you know that a change in our assessment rating, exploit code\navailability, or if an updated patch is released by the vendor, is\nnot part of this mailing-list?\n\nClick here to learn more:\nhttp://secunia.com/advisories/business_solutions/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco IronPort Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA33479\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/33479/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nCross Site Scripting, Exposure of sensitive information\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco IronPort Encryption Appliance 6.x\nhttp://secunia.com/advisories/product/20990/\n\nSOFTWARE:\nCisco IronPort PostX 6.x\nhttp://secunia.com/advisories/product/20991/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Cisco IronPort products,\nwhich can be exploited by malicious people to disclose sensitive\ninformation or conduct cross-site request forgery attacks. \n\n3) The web-based administration interface allows user to perform\ncertain actions via HTTP request without performing any validity\nchecks to verify the requests. This can be exploited to e.g. \nhttp://www.ironport.com/support/contact_support.html\n\nPROVIDED AND/OR DISCOVERED BY:\n2) The vendor credits J.B. Snyder of Brintech\n\nORIGINAL ADVISORY:\nCisco (cisco-sa-20090114-ironport):\nhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-0055"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "db": "BID",
        "id": "33268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-37501"
      },
      {
        "db": "PACKETSTORM",
        "id": "73911"
      },
      {
        "db": "PACKETSTORM",
        "id": "74003"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-0055",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "33268",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "33479",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-0140",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "51397",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1021594",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20090114 IRONPORT ENCRYPTION APPLIANCE / POSTX AND PXE ENCRYPTION VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-37501",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "73911",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "74003",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37501"
      },
      {
        "db": "BID",
        "id": "33268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "db": "PACKETSTORM",
        "id": "73911"
      },
      {
        "db": "PACKETSTORM",
        "id": "74003"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ]
  },
  "id": "VAR-200901-0304",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37501"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:23:02.100000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20090114-ironport",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080a5c4f7.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-352",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0055"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080a5c4f7.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/33268"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/51397"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1021594"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/33479"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2009/0140"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0055"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0055"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2009/0140"
      },
      {
        "trust": 0.4,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20090114-ironport.shtml"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.ironport.com/products/ironport_encryption.html"
      },
      {
        "trust": 0.2,
        "url": "http://www.ironport.com/support/contact_support.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/go/psirt"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/web/about/security/intelligence/bpiron.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0056"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0055"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0054"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0053"
      },
      {
        "trust": 0.1,
        "url": "http://intellishield.cisco.com/security/alertmanager/cvss"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33479/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/20990/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/20991/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37501"
      },
      {
        "db": "BID",
        "id": "33268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "db": "PACKETSTORM",
        "id": "73911"
      },
      {
        "db": "PACKETSTORM",
        "id": "74003"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-37501"
      },
      {
        "db": "BID",
        "id": "33268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "db": "PACKETSTORM",
        "id": "73911"
      },
      {
        "db": "PACKETSTORM",
        "id": "74003"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-01-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-37501"
      },
      {
        "date": "2009-01-14T00:00:00",
        "db": "BID",
        "id": "33268"
      },
      {
        "date": "2009-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "date": "2009-01-15T01:15:11",
        "db": "PACKETSTORM",
        "id": "73911"
      },
      {
        "date": "2009-01-16T13:12:57",
        "db": "PACKETSTORM",
        "id": "74003"
      },
      {
        "date": "2009-01-16T21:30:03.453000",
        "db": "NVD",
        "id": "CVE-2009-0055"
      },
      {
        "date": "2009-01-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-37501"
      },
      {
        "date": "2009-01-14T20:12:00",
        "db": "BID",
        "id": "33268"
      },
      {
        "date": "2009-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      },
      {
        "date": "2011-03-08T03:17:50.017000",
        "db": "NVD",
        "id": "CVE-2009-0055"
      },
      {
        "date": "2009-02-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IronPort Encryption Appliance and  Cisco IronPort PostX Cross-site request forgery vulnerability in admin interface",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001682"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "cross-site request forgery",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-208"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-0055 (GCVE-0-2009-0055)

GSD-2009-0055

GHSA-VRCV-X9C3-49FM

FKIE_CVE-2009-0055

CERTA-2009-AVI-016

Description

Solution

CERTA-2009-AVI-016

Description

Solution

VAR-200901-0304

Summary

Affected Products

Details

Vulnerability Scoring Details

Impact

Software Versions and Fixes

Workarounds

Obtaining Fixed Software

Exploitation and Public Announcements

Status of this Notice: FINAL

Distribution

Revision History

Cisco Security Procedures

Tags

Sightings

Nomenclature