Cisco Security Manager 3.1 and 3.2 prior to 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote malicious users to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco security manager 3.2.1 |
||
cisco security manager |
||
cisco security manager 3.1 |
||
cisco security manager 3.2 |
||
cisco security manager 3.1.1 |