CVE-2012-0334

MEDIUM

Cisco IronPort Web Security Appliance AsyncOS <7.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/52981

Scores

CVSS v3 6.4
EPSS 0.0026
EPSS Percentile 17.9%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-20
Status published
Products (1)
cisco/ironport_web_security_appliance < 7.5
Published Jan 15, 2020
Tracked Since Feb 18, 2026