Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IronPort Encryption Appliance和Cisco IronPort PostX 跨站脚本攻击漏洞
Vulnerability Description
IronPort系列产品是广泛使用的邮件加密网关,能够无缝地完成机密电子邮件的加密、解密和数字签名工作。 IronPort加密设备的管理界面还存在另一个跨站请求伪造漏洞,在某些环境下当用户注销IronPort加密设备的管理界面时,可能允许攻击者执行命令并修改用户的IronPort加密设备首选项,包括用户名和个人安全密码短语。利用这个漏洞不允许攻击者更改用户口令。这个漏洞在IronPort bug中记录6403。
CVSS Information
N/A
Vulnerability Type
N/A