Vulnerability in Cisco Content_security_management_appliance
CVE-2015-4288
The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which all…
Vulnerability class: POODLE (CVE-2014-3566)
EPSS: 0.001 (33.4th percentile) — read the EPSS interpretation.
Affected products
- Cisco Content_security_management_appliance — versions 8.3.6-048
- Cisco Email_security_appliance — versions 8.5.7-042
- Cisco Web_security_appliance — versions 8.5.0-000
- N/a — versions n/a
Weakness classification (CWE)
References
- 20150724 Multiple Cisco Products LDAP Server SSL Certificate Validation Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)