5.3
CVE-2020-3122
- EPSS 0.19%
- Veröffentlicht 04.03.2025 19:15:36
- Zuletzt bearbeitet 31.07.2025 19:44:34
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
Cisco Content Security Management Appliance Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Asyncos Version11.0.0-128
Cisco ≫ Secure Email And Web Manager M170 Version-
Cisco ≫ Secure Email And Web Manager M190 Version-
Cisco ≫ Secure Email And Web Manager M195 Version-
Cisco ≫ Secure Email And Web Manager M380 Version-
Cisco ≫ Secure Email And Web Manager M390 Version-
Cisco ≫ Secure Email And Web Manager M390x Version-
Cisco ≫ Secure Email And Web Manager M395 Version-
Cisco ≫ Secure Email And Web Manager M680 Version-
Cisco ≫ Secure Email And Web Manager M690 Version-
Cisco ≫ Secure Email And Web Manager M690x Version-
Cisco ≫ Secure Email And Web Manager M695 Version-
Cisco ≫ Secure Email And Web Manager M190 Version-
Cisco ≫ Secure Email And Web Manager M195 Version-
Cisco ≫ Secure Email And Web Manager M380 Version-
Cisco ≫ Secure Email And Web Manager M390 Version-
Cisco ≫ Secure Email And Web Manager M390x Version-
Cisco ≫ Secure Email And Web Manager M395 Version-
Cisco ≫ Secure Email And Web Manager M680 Version-
Cisco ≫ Secure Email And Web Manager M690 Version-
Cisco ≫ Secure Email And Web Manager M690x Version-
Cisco ≫ Secure Email And Web Manager M695 Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.408 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@cisco.com | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.