Executive Summary
Summary | |
---|---|
Title | Cisco Security Manager Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20090121-csm | First vendor Publication | 2008-12-16 |
Vendor | Cisco | Last vendor Modification | 2009-01-21 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cisco Security Manager contains a vulnerability when it is used with Cisco IPS Event Viewer (IEV) that results in open TCP ports on both the Cisco Security Manager server and IEV client. An unauthenticated, remote attacker could leverage this vulnerability to access the MySQL databases or IEV server. Cisco has released free software updates that address this vulnerability. A workaround is also available to mitigate this vulnerability. |
Original Source
Url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6 (...) |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
52316 | Cisco Security Manager IPS Event Viewer (IEV) Unspecified TCP Port Exposure R... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-01-29 | IAVM : 2009-A-0011 - Cisco Security Manager Vulnerability Severity : Category I - VMSKEY : V0018224 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-08-12 | Name : The remote database server can be accessed without a password. File : cisco-sa-20090121-csm.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 10:21:55 |
|
2013-11-11 12:37:28 |
|