Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain root access to IEV via unspecified use of TCP sessions to these ports.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Security_manager | Cisco | * | * |
| Security_manager | Cisco | 3.1 (including) | 3.1 (including) |
| Security_manager | Cisco | 3.1.1 (including) | 3.1.1 (including) |
| Security_manager | Cisco | 3.1.1-sp3 (including) | 3.1.1-sp3 (including) |
| Security_manager | Cisco | 3.2 (including) | 3.2 (including) |
| Security_manager | Cisco | 3.2-sp2 (including) | 3.2-sp2 (including) |
| Security_manager | Cisco | 3.2.1 (including) | 3.2.1 (including) |
| Security_manager | Cisco | 3.2.1-sp1 (including) | 3.2.1-sp1 (including) |
References
- http://secunia.com/advisories/33633
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6192a.shtml
- http://www.securityfocus.com/bid/33381
- http://www.securitytracker.com/id?1021619
- http://www.vupen.com/english/advisories/2009/0214
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48134
- http://secunia.com/advisories/33633
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6192a.shtml
- http://www.securityfocus.com/bid/33381
- http://www.securitytracker.com/id?1021619
- http://www.vupen.com/english/advisories/2009/0214
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48134