CVE-2009-0055

Published: Jan 16, 2009Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.

Affected (21)

Products: Cisco: Ironport Encryption Appliance, Ironport Postx

Cisco

2 products

Ironport Encryption Appliance

Ironport Postx

Configuration A

21 vulnerable

Vulnerable Software	Affected Versions
Cisco Ironport Encryption Appliance	Version 6.2.4.1
Cisco Ironport Encryption Appliance	Version 6.2.4
Cisco Ironport Encryption Appliance	Version 6.2.5
Cisco Ironport Encryption Appliance	Version 6.2.6
Cisco Ironport Encryption Appliance	Version 6.2.7.1
Cisco Ironport Encryption Appliance	Version 6.2.7.2
Cisco Ironport Encryption Appliance	Version 6.2.7.3
Cisco Ironport Encryption Appliance	Version 6.2.7.4
Cisco Ironport Encryption Appliance	Version 6.2.7.5
Cisco Ironport Encryption Appliance	Version 6.2.7.6
Cisco Ironport Encryption Appliance	Version 6.2.7
Cisco Ironport Encryption Appliance	Version 6.3.0.1
Cisco Ironport Encryption Appliance	Version 6.3.0.2
Cisco Ironport Encryption Appliance	Version 6.3.0.3
Cisco Ironport Encryption Appliance	Version 6.3
Cisco Ironport Encryption Appliance	Version 6.5.0.1
Cisco Ironport Encryption Appliance	Version 6.5
Cisco Ironport Postx	Version 6.2.1
Cisco Ironport Postx	Version 6.2.2.1
Cisco Ironport Postx	Version 6.2.2.2
Cisco Ironport Postx	Version 6.2.2