CVE-2020-3122

Summary

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco IronPort Security Management ApplianceN/Aaffected
CiscoCisco Secure Email and Web Manager11.0.0(Ritz)-128affected

Weaknesses

  • CWE-284: Improper Access Control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References