1. CVE-Search
  2. CVE-2010-0144
ID CVE-2010-0144
Summary Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922.
References
Vulnerable Configurations
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.5:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.6:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.1:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.2:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.3:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.4:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.5:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.2.7.6:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.5:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_encryption_appliance:6.5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_postx:6.2.1:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_postx:6.2.2:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_postx:6.2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:ironport_postx:6.2.2.2:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 26-02-2010 - 07:10)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:N/A:N
refmap via4
cisco 20100210 Multiple Vulnerabilities in Cisco IronPort Encryption Appliance
confirm http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b17904.html
secunia 38525
Last major update 26-02-2010 - 07:10
Published 11-02-2010 - 17:30
Last modified 26-02-2010 - 07:10
Back to Top