Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine folder by visiting a spam-notification URL, aka Bug ID CSCuv65894.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco content security management appliance 9.1.0-103 |
||
cisco content security management appliance 8.3.6-039 |
||
cisco content security management appliance 9.1.0-31 |