Cisco Security Advisory: Cisco Security Manager Vulnerability
URL : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6192a.shtml Summary Cisco Security Manager contains a vulnerability when it is used with Cisco IPS Event Viewer (IEV) that results in open TCP ports on both the Cisco Security Manager server and IEV client. An unauthenticated, remote attacker could leverage this vulnerability to access the MySQL databases or IEV server. Cisco has released free software updates that address this vulnerability. A workaround is also available to mitigate this vulnerability. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090121-csm.shtml. |
