CVE-2014-2195
N/A
N/A
Summary
Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195
- http://www.securitytracker.com/id/1030258
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195
- http://www.securitytracker.com/id/1030258
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.