CVE-2010-0144
First published: Thu Feb 11 2010(Updated: )
Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IronPort Encryption Appliance | =6.2.7.5 | |
| Cisco IronPort Encryption Appliance | =6.2.4 | |
| Cisco IronPort Encryption Appliance | =6.2.7.3 | |
| Cisco IronPort Encryption Appliance | =6.2.4.1 | |
| Cisco IronPort Encryption Appliance | =6.2.7 | |
| Cisco IronPort Encryption Appliance | =6.2.7.2 | |
| Cisco IronPort Encryption Appliance | =6.5 | |
| Cisco IronPort Encryption Appliance | =6.2.7.4 | |
| Cisco IronPort Encryption Appliance | =6.2.7.1 | |
| PostX | =6.2.2.2 | |
| Cisco IronPort Encryption Appliance | =6.5.0.1 | |
| Cisco IronPort Encryption Appliance | =6.2.5 | |
| PostX | =6.2.2 | |
| PostX | =6.2.1 | |
| Cisco IronPort Encryption Appliance | =6.2.6 | |
| Cisco IronPort Encryption Appliance | =6.2.7.6 | |
| PostX | =6.2.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-0144?
CVE-2010-0144 has not been explicitly rated, but it allows remote attackers to read arbitrary files, indicating a serious risk to data confidentiality.
Which versions are affected by CVE-2010-0144?
CVE-2010-0144 affects Cisco IronPort Encryption Appliance versions 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, along with IronPort PostX MAP before 6.2.9.1.
How do I fix CVE-2010-0144?
To fix CVE-2010-0144, upgrade to Cisco IronPort Encryption Appliance version 6.2.9.1 or later, or 6.5.2 or later as appropriate.
What types of attacks does CVE-2010-0144 permit?
CVE-2010-0144 allows remote attackers to read arbitrary files, which could lead to data breaches.
Is there a workaround for CVE-2010-0144?
Currently, the best mitigation for CVE-2010-0144 is to apply the recommended software updates as there are no reported workarounds.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco ironport encryption appliance
- version/cisco ironport encryption appliance/6.2.7.5
- version/cisco ironport encryption appliance/6.2.4
- version/cisco ironport encryption appliance/6.2.7.3
- version/cisco ironport encryption appliance/6.2.4.1
- version/cisco ironport encryption appliance/6.2.7
- version/cisco ironport encryption appliance/6.2.7.2
- version/cisco ironport encryption appliance/6.5
- version/cisco ironport encryption appliance/6.2.7.4
- version/cisco ironport encryption appliance/6.2.7.1
- canonical/postx
- version/postx/6.2.2.2
- version/cisco ironport encryption appliance/6.5.0.1
- version/cisco ironport encryption appliance/6.2.5
- version/postx/6.2.2
- version/postx/6.2.1
- version/cisco ironport encryption appliance/6.2.6
- version/cisco ironport encryption appliance/6.2.7.6
- version/postx/6.2.2.1