Content Security Management Appliance
CVE-2017-6783
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user. The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker could exploit this vulnerability by doing a crafted SNMP poll request to the targeted security appliance. An exploit could allow the attacker to discover confidential information that should be restricted, and the attacker could use this information to conduct additional reconnaissance. The attacker must know the configured SNMP community string to exploit this vulnerability. Cisco Bug IDs: CSCve26106, CSCve26202, CSCve26224. Known Affected Releases: 10.0.0-230 (Web Security Appliance), 9.7.2-065 (Email Security Appliance), and 10.1.0-037 (Content Security Management Appliance).
AnalysisAI
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user. The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker could exploit this vulnerability by doing a crafted SNMP poll request to the targeted security appliance. An exploit could allow the attacker to discover confidential information that should be restricted, and the attacker could use this information to conduct additional reconnaissance. The attacker must know the configured SNMP community string to exploit this vulnerability. Cisco Bug IDs: CSCve26106, CSCve26202, CSCve26224. Known Affected Releases: 10.0.0-230 (Web Security Appliance), 9.7.2-065 (Email Security Appliance), and 10.1.0-037 (Content Security Management Appliance). Affected products include: Cisco Content Security Management Appliance, Cisco Email Security Appliance, Cisco Web Security Appliance.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.
The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7
Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Applianc
The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and W
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Em
The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management
Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devi
A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Ap
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security
Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today