Cisco Content Security Management Appliance SNMP Polling Flaw Lets Remote Authenticated Users Obtain Potentially Sensitive Information
|
SecurityTracker Alert ID: 1039186 |
SecurityTracker URL: http://securitytracker.com/id/1039186
|
CVE Reference:
CVE-2017-6783
(Links to External Site)
|
Date: Aug 17 2017
|
Impact:
Disclosure of system information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 10.1.0-037
|
Description:
A vulnerability was reported in Cisco Content Security Management Appliance. A remote authenticated user can obtain potentially sensitive information on the target system.
A remote authenticated user can send a specially crafted Simple Network Management Protocol (SNMP) poll request to obtain potentially sensitive information on the target system that should be available only to an authenticated administrative user.
The vendor has assigned bug ID CSCve26202 to this vulnerability.
|
Impact:
A remote authenticated user can obtain potentially sensitive information on the target system that should be available only to an authenticated administrative user.
|
Solution:
The vendor has issued a fix.
The vendor advisory is available at:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-csa
|
Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-csa (Links to External Site)
|
Cause:
Access control error
|
|
Message History:
None.
|
Source Message Contents
|
Subject: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-csa
|
|
|