PT-2015-6501 · Cisco · Cisco Content Security Management Appliance+2
Published
2015-07-29
·
Updated
2015-07-29
·
CVE-2015-4288
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Web Security Appliance (WSA) version 8.5.0-000
Cisco Email Security Appliance (ESA) version 8.5.7-042
Cisco Content Security Management Appliance (SMA) version 8.3.6-048
Description
The issue concerns the LDAP implementation, which fails to verify X.509 certificates from SSL servers. This allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Recommendations
For Cisco Web Security Appliance (WSA) version 8.5.0-000, update to a version that includes the fix for this issue.
For Cisco Email Security Appliance (ESA) version 8.5.7-042, update to a version that includes the fix for this issue.
For Cisco Content Security Management Appliance (SMA) version 8.3.6-048, update to a version that includes the fix for this issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Content Security Management Appliance
Cisco Email Security Appliance
Cisco Web Security Appliance