Lucene search

[email protected]NVD:CVE-2009-0055

HistoryJan 16, 2009 - 9:30 p.m.

CVE-2009-0055

2009-01-1621:30:03

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.003

Percentile

69.8%

JSON

Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.

Affected configurations

Nvd

Node

ciscoironport_encryption_applianceMatch6.2.4

ciscoironport_encryption_applianceMatch6.2.4.1

ciscoironport_encryption_applianceMatch6.2.5

ciscoironport_encryption_applianceMatch6.2.6

ciscoironport_encryption_applianceMatch6.2.7

ciscoironport_encryption_applianceMatch6.2.7.1

ciscoironport_encryption_applianceMatch6.2.7.2

ciscoironport_encryption_applianceMatch6.2.7.3

ciscoironport_encryption_applianceMatch6.2.7.4

ciscoironport_encryption_applianceMatch6.2.7.5

ciscoironport_encryption_applianceMatch6.2.7.6

ciscoironport_encryption_applianceMatch6.3

ciscoironport_encryption_applianceMatch6.3.0.1

ciscoironport_encryption_applianceMatch6.3.0.2

ciscoironport_encryption_applianceMatch6.3.0.3

ciscoironport_encryption_applianceMatch6.5

ciscoironport_encryption_applianceMatch6.5.0.1

ciscoironport_postxMatch6.2.1

ciscoironport_postxMatch6.2.2

ciscoironport_postxMatch6.2.2.1

ciscoironport_postxMatch6.2.2.2

VendorProductVersionCPE
ciscoironport_encryption_appliance6.2.4cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.4.1cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.5cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.6cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.7cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.7.1cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.7.2cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.7.3cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.7.4cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*
ciscoironport_encryption_appliance6.2.7.5cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ironport_encryption_appliance	6.2.4	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:::::::*
cisco	ironport_encryption_appliance	6.2.4.1	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:::::::*
cisco	ironport_encryption_appliance	6.2.5	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:::::::*
cisco	ironport_encryption_appliance	6.2.6	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:::::::*
cisco	ironport_encryption_appliance	6.2.7	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:::::::*
cisco	ironport_encryption_appliance	6.2.7.1	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:::::::*
cisco	ironport_encryption_appliance	6.2.7.2	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:::::::*
cisco	ironport_encryption_appliance	6.2.7.3	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:::::::*
cisco	ironport_encryption_appliance	6.2.7.4	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:::::::*
cisco	ironport_encryption_appliance	6.2.7.5	cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:::::::*