Описание
A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by using a custom role with specific permissions. A successful exploit could allow the attacker to access the spam quarantine of other users.
Уязвимые конфигурации
EPSS
4.3 Medium
CVSS3
4.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by using a custom role with specific permissions. A successful exploit could allow the attacker to access the spam quarantine of other users.
Уязвимость модуля авторизации программного обеспечения системы управления защитой контента Cisco Content Security Management Appliance, позволяющая нарушителю получить доступ к сообщениям категории спам других пользователей
EPSS
4.3 Medium
CVSS3
4.3 Medium
CVSS3
3.5 Low
CVSS2