FKIE_CVE-2009-0056

Vulnerability from fkie_nvd - Published: 2009-01-16 21:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.
References
psirt@cisco.comhttp://osvdb.org/51398
psirt@cisco.comhttp://secunia.com/advisories/33479
psirt@cisco.comhttp://securitytracker.com/id?1021594
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/33268
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0140
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/51398
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33479
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1021594
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33268
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0140
Impacted products
Vendor Product Version
cisco ironport_encryption_appliance 6.2.4
cisco ironport_encryption_appliance 6.2.4.1
cisco ironport_encryption_appliance 6.2.5
cisco ironport_encryption_appliance 6.2.6
cisco ironport_encryption_appliance 6.2.7
cisco ironport_encryption_appliance 6.2.7.1
cisco ironport_encryption_appliance 6.2.7.2
cisco ironport_encryption_appliance 6.2.7.3
cisco ironport_encryption_appliance 6.2.7.4
cisco ironport_encryption_appliance 6.2.7.5
cisco ironport_encryption_appliance 6.2.7.6
cisco ironport_encryption_appliance 6.3
cisco ironport_encryption_appliance 6.3.0.1
cisco ironport_encryption_appliance 6.3.0.2
cisco ironport_encryption_appliance 6.3.0.3
cisco ironport_encryption_appliance 6.5
cisco ironport_encryption_appliance 6.5.0.1
cisco ironport_postx 6.2.1
cisco ironport_postx 6.2.2
cisco ironport_postx 6.2.2.1
cisco ironport_postx 6.2.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DF7FFA-66B5-45E8-B57E-FB307E4DB8CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CAA06A-C849-49B9-B6B7-7E3BF41F705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6539D9D7-E3DF-475C-B53D-CF11220FBA27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7486F8C6-F2E5-4790-BA3A-FA36CF7A8704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1262F096-DB00-4D52-894D-3BA812AEF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097FCF52-65CF-4AF5-97BC-8B310610DFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A0A514-959C-4017-B0AB-AFC9D0A979E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06BEC91-C3A6-4590-94A7-EA783A12ABF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF9BCDE5-CEF8-4D25-AE6A-D4AF2B2DFBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90A1B821-0FDD-40C8-93FA-06BB895E83D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EF0B9B-B5D9-4F2D-A4E9-24349747435A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E081B0DF-DBD9-4640-92CC-29920E2A50BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56BC79D-E974-4881-81E5-335FF216DFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7E4C7E-DECE-40B5-AAA4-15964F4EC762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686D0A4-85B4-4236-B09A-DA8B554A0523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF6D489-B7EA-4705-B136-6B96CC179046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391503D9-FE43-4A34-A67D-AB3B52996FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACB1F5F-542E-44B2-AF54-6D61294E57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA0DB42-01D6-4B14-934B-23C11CB8D062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66E714E-6414-4B3F-ABFB-8DE44F3E7065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0BE0FF-376B-4BA4-8CEF-EFCF3BDC1D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en el interfaz de administraci\u00f3n en Cisco IronPort Encryption Appliance v6.2.4 anterior a v6.2.4.1.1, v6.2.5, v6.2.6, v6.2.7 anterior a v6.2.7.7, v6.3 anterior a v6.3.0.4, y v6.5 anterior a v6.5.0.2; y Cisco IronPort PostX v6.2.1 anterior a v6.2.1.1 y v6.2.2 anterior a v6.2.2.3; permite a atacantes remotos ejecutar comandos y modificar preferencias del dispositivo como usuarios de su elecci\u00f3n mediante una acci\u00f3n logout."
    }
  ],
  "id": "CVE-2009-0056",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-01-16T21:30:03.467",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/51398"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0140"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.