cisco-sa-20090121-csm

Cisco Security Manager Vulnerability

cisco-sa-20090121-csm · High · Published 17 years ago · Updated 17 years ago

Cisco Security Manager contains a vulnerability when it is used with Cisco IPS Event Viewer (IEV) that results in open TCP ports on both the Cisco Security Manager server and IEV client. An unauthenticated, remote attacker could leverage this vulnerability to access the MySQL databases or IEV server. Cisco has released software updates that address this vulnerability. A workaround is also available to mitigate this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090121-csm.

Cisco advisory ·CSAF JSON

Workarounds

No workaround information imported yet.

CVEs	CVE-2008-3820
Cisco Bug IDs	NA
CVSS Score	Base 8.8 Base 8.8 AV:N/AC:M/Au:N/C:C/I:C/A:N/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source	Cisco Security Manager

Related Products

Product	CVE	Evidence
Cisco RV Series Routers	CVE-2008-3820	Cisco OpenVuln
Cisco Nexus Dashboard	CVE-2008-3820	Cisco OpenVuln
Cisco Security Manager	CVE-2008-3820	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco Security Manager Vulnerability

Workarounds

Related Products