Cisco Warns of Three IronPort Vulnerabilities
Two of the bugs could allow an attacker to view sensitive system administration details.
According to The H Security, one flaw lies in the administration interface, the second in the WebSafe servlet and the third in the HTTPS server. The vulnerabilities affect Cisco's IronPort Encryption appliance versions 6.2 and 6.5, as well as IronPort PostX MAP. IronPort C, M and S appliances are not believed to be vulnerable.
Cisco's Security Advisory offers workarounds to mitigate these vulnerabilities.