CVE-2019-12635

Name of the Vulnerable Software and Affected Versions Cisco Content Security Management Appliance (SMA) Software (affected versions not specified)

Description A vulnerability in the authorization module of the software could allow an authenticated, remote attacker to gain out-of-scope access to email. The issue exists due to incorrect implementation of role permission controls. An attacker could exploit this by using a custom role with specific permissions, potentially allowing access to the spam quarantine of other users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.