漏洞标题
思科邮件安全设备、思科内容安全管理设备和思科网络安全设备信息泄露漏洞
漏洞描述信息
Cisco Email Security Appliance、Cisco Content Security Management Appliance和Cisco Web Security Appliance信息泄露漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
漏洞类别
N/A
漏洞标题
Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability
漏洞描述信息
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because an insecure method is used to mask certain passwords on the web-based management interface. An attacker could exploit this vulnerability by looking at the raw HTML code that is received from the interface. A successful exploit could allow the attacker to obtain some of the passwords configured throughout the interface.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
漏洞类别
信息暴露
漏洞标题
Cisco 多款产品信息泄露漏洞
漏洞描述信息
Cisco Content Security Management Appliance(SMA)等都是美国思科(Cisco)公司的产品。Cisco Content Security Management Appliance是一套内容安全管理设备。Cisco Email Security Appliance(ESA)是一个电子邮件安全设备。Cisco Web Security Appliance(WSA)是一款Web安全设备。 Cisco Email Security Appliance、Cisco Con
CVSS信息
N/A
漏洞类别
信息泄露