Detections
Analytics
Multiple Vulnerabilities in Cisco Content Security Management Appliance (cisco-sa-20130626-sma)
high Nessus Plugin ID 69079
Language:
Synopsis
The remote security appliance is missing a vendor-supplied patch.Description
According to its self-reported version, the version of Cisco Content Security Management Appliance running on the remote host has the following vulnerabilities :- An unspecified vulnerability exists in the web framework that could allow a remote, authenticated attacker to execute arbitrary commands. (CVE-2013-3384)
- A denial of service vulnerability exists in the web framework that could allow a remote, unauthenticated attacker to make the system unresponsive.
(CVE-2013-3385)
- A denial of service vulnerability exists in the management GUI that could allow a remote, unauthenticated attacker to make the system unresponsive. (CVE-2013-3386)
Solution
Apply the relevant update referenced in Cisco Security Advisory cisco-sa-20130626-sma.See Also
Plugin Details
Severity: High
ID: 69079
File Name: cisco-sa-20130626-sma.nasl
Version: 1.5
Type: local
Family: CISCO
Published: 7/26/2013
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9
Temporal Score: 6.7
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/h:cisco:content_security_management_appliance
Required KB Items: Host/AsyncOS/Cisco Content Security Management Appliance/DisplayVersion, Host/AsyncOS/Cisco Content Security Management Appliance/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 6/26/2013
Vulnerability Publication Date: 6/26/2013
Reference Information
CVE: CVE-2013-3384, CVE-2013-3385, CVE-2013-3386
CISCO-SA: cisco-sa-20130626-sma
CISCO-BUG-ID: CSCzv24579, CSCzv78669, CSCzv81712