PT-2017-17317 · Cisco · Cisco Email Security Appliance+2

Published: 2017-08-17 · Updated: 2017-08-25 · CVE-2017-6783

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Cisco Web Security Appliance version 10.0.0-230
Cisco Email Security Appliance version 9.7.2-065
Cisco Content Security Management Appliance version 10.1.0-037

Description

A vulnerability in SNMP polling could allow an authenticated, remote attacker to discover confidential information about the appliances. The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the targeted security appliance, which would let them discover confidential information that should be restricted. The attacker must know the configured SNMP community string to exploit this vulnerability.

Recommendations

For Cisco Web Security Appliance version 10.0.0-230, update to a fixed version to resolve the issue.
For Cisco Email Security Appliance version 9.7.2-065, update to a fixed version to resolve the issue.
For Cisco Content Security Management Appliance version 10.1.0-037, update to a fixed version to resolve the issue.

As a temporary workaround, consider restricting access to the SNMP community string to minimize the risk of exploitation.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2017-6783

Affected Products

Cisco Content Security Management Appliance
Cisco Email Security Appliance
Cisco Web Security Appliance