Test Kennung:	1.3.6.1.4.1.25623.1.0.106287
Kategorie:	CISCO
Titel:	Cisco Email Security Appliance Internal Testing Interface Vulnerability
Zusammenfassung:	A vulnerability in Cisco IronPort AsyncOS for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to obtain complete control of an affected device.
Beschreibung:	Summary: A vulnerability in Cisco IronPort AsyncOS for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to obtain complete control of an affected device. Vulnerability Insight: The vulnerability is due to the presence of a Cisco internal testing and debugging interface (intended for use during product manufacturing only) on customer-available software releases. An attacker could exploit this vulnerability by connecting to this testing and debugging interface. Vulnerability Impact: An exploit could allow an attacker to obtain complete control of an affected device with root-level privileges. Solution: See the referenced vendor advisory for a solution. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6406 BugTraq ID: 93116 http://www.securityfocus.com/bid/93116 Cisco Security Advisory: 20160922 Cisco Email Security Appliance Internal Testing Interface Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160922-esa http://www.securitytracker.com/id/1036881
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.